PAM modules
Gleb Kurtsou
gleb.kurtsou at gmail.com
Wed Sep 21 20:52:43 UTC 2011
On (20/09/2011 17:51), Xin LI wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 09/20/11 14:19, Dag-Erling Smørgrav wrote:
> > Xin LI <delphij at delphij.net> writes:
> >> The main concern I have is that users might want to stay on an
> >> older FreeBSD release, while wanting features of a new OpenLDAP.
> >> That's why I would prefer a libxml style import -- users always
> >> have choice to install a new OpenLDAP without any concern of
> >> breaking their system and we can always deliver security fixes
> >> with freebsd-update. Would that make the trimmed down and
> >> renamed OpenLDAP import sound sensible?
> >
> > Yes, you have a point. So you're saying:
> >
> > - client side only (for nss_ldap, pam_ldap etc) - namespace hacks
> > to avoid colliding with the port
> >
> > right? I would definitely support that.
>
> Yes exactly, the current version is just library to support these nss
> and pam modules and have namespace hacks (so programs linking against
> port OpenLDAP library will not see conflicts as well).
It wasn't explicitly mentioned, but instead of adding ssh-namespace.h
like hacks we could add local symbol versions to ldap shared libraries.
That would make impact on OpenLDAP from ports and its users minimal.
Binary could be linked against both OpenLDAP and ldap from base in case
when libbsdldap.so is indirect dependency used by another library from
base. That is not the case with libbsdxml.so
Thanks,
Gleb.
>
> Cheers,
> - --
> Xin LI <delphij at delphij.net> https://www.delphij.net/
> FreeBSD - The Power to Serve! Live free or die
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.18 (FreeBSD)
>
> iQEcBAEBCAAGBQJOeTUGAAoJEATO+BI/yjfBRCAIAKQzG1dJhrLyKyYxJEH5qfXS
> pm11L5cuQQto9yqm1TeMeT3qNMuNBo+bWt2QPJ0ef6qaOiL1oYIHdDyAkHqlDh1Z
> q5zuwxZFzNAaBYF+QZLE0jSJpV05YpuN5bdkM5GilYw/xzbI4QmOstgJMyPS92WD
> //oFfz9jHdQxJ0jZdp8dTDKMbgpOfUDfm/82zdDJPRnoK4dbJyn1xNFOB2H7KQyI
> l246YN/W4/yR1wUDZlgjQ6zVoG4I6WvK1Lv7MU3YD2sNqfsnxoC+928U4Swd05Di
> A1KXRWLsSB+2ZFnCXbGq3D22KhnmD4GQqxEZn5PZj0p2mDF3kjYDf3zlsUoofmw=
> =DG1c
> -----END PGP SIGNATURE-----
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
More information about the freebsd-security
mailing list