No more PAM! ;)

[micmac]

Hey all!

I just wanted to express how glad I am that you can have a PAM-free Gentoo at last. I removed "sys-apps/shadow pam" from package.use today and pam and pam-login were removed by emerge depclean. After reemerging shadow all was ok. No more PAM!

Bottoms up!

Greets

mic

[gentoo_lan]

I don't really care either way. I currently use pam but if I really don't need it I may get rid of it.

[micmac]

I wanted to get rid of PAM since the beginning. Especially since I converted my two boxes to udev. On both I never changed permissions; I got burning perms on one box but not the other. PAM was just too weired and complicated for me to be helpful. It was IN MY WAY

mic

[Kyro]

What are the pros and cons of running an installation with respective without PAM enabled? I always got the impression of PAM being important from how people have talked about it.
_________________
Quis custodiet ipsos custodes?

[micmac]

Hi Kyro,

PAM was important for Gentoo the way I see it, because if you didn't emerge shadow with pam support you weren't able to login properly. But that seems to be history now.

Some peope (for instance Pat from Slackware) don't like it for security reasons (Slackware never incuded PAM), others have problems with it regarding device permissions like me. Plus I never understood what PAM is made for. Changing device perms on a log in and user basis doesn't make things easier or better, it's just too complex. In it's complexity lies a great potential for errors (security holes). That's my opinion.

mic

[placeholder]

After hearing this, I am removing it from my system.

[micmac]

[placeholder]

The only problem I ran into was not being able to su, which I fixed by simply changing SU_WHEEL_ONLY to no in /etc/login.defs.

[micmac]

Right!

I have that set, too. But now everyone can su to root. Maybe that's not what we want. But I didn't find any other way, yet.

mic

[soda_popstar]

What's so bad about PAM? I'm kinda uninformed on the issue... why do so many people dislike it? Are there advantages to not using it?

[Deranger]

Well, good luck on b0rking your system

[Kyro]

[exeter]

[TheCoop]

well, i find the pam_usb module very useful. Is there any way of getting rid of pam changing the device permissons, since udev handles that now, and just have it handle auth/login?
_________________
95% of all computer errors occur between chair and keyboard (TM)

"One World, One web, One program" - Microsoft Promo ad.
"Ein Volk, Ein Reich, Ein Führer" - Adolf Hitler

Change the world - move a rock

[codergeek42]

Fwiw, I tried removing PAM once and could not login to my system after that. Thank goodness for LiveCDs
_________________
~~ Peter: Programmer, Mathematician, STEM & Free Software Advocate, Enlightened Agent, Transhumanist, Fedora contributor
Who am I? :: EFF & FSF

[greg_g]

[TheCoop]

well maybe it should become maintained again, since it has the potential to be a great resource to log on using all sorts of things

If I had the time and expertise to take this up i would, but i dont, so i cant
Don't let this project die!
_________________
95% of all computer errors occur between chair and keyboard (TM)

"One World, One web, One program" - Microsoft Promo ad.
"Ein Volk, Ein Reich, Ein Führer" - Adolf Hitler

Change the world - move a rock

[JOS654]

ok i got a problem :/ i removed the package pam but using sudo so i dont have root access now so i cant reinstall shadow and i cant log to root any idea about what to do?

[codergeek42]

[denstark]

[placeholder]

Yeah.... Next time keep the terminal open.

[JOS654]

and i supposed that using sudo was better than su
well i have repaired the system but gdm wants pam at all cost so is the only package left in the system, login-pam and all package using the flag pam has been reemerged
thx for the help

[Lews_Therin]

Bah

I have removed PAM, and now can't su or sudo. Switching to the console to emerge anything sucks

[placeholder]

[Lews_Therin]