[OpenAFS] openafs without pam

[Tino Schwarze]

On Mon, Aug 04, 2003 at 11:56:54AM +0300, Andrei Boros wrote:

> > >  Is there any way of compiling and running openafs without pam in the
> > > system ?
> > 
> > You do not need PAM to use OpenAFS. You cannot integrate AFS
> > authentication into your login process then (or not easily) - your users
> > would need to be authenticated locally and then issue "klog" manually
> > plus enter their AFS password.
> > 
> > Why do you want to avoid PAM?

> My planned deployment is a linux that will be the server and the rest of
> the clients will be windows boxes.
> My system does not have PAM installed (neither in the distro). 
> As some drivers prevent me from upgrading from kernel 2.2 to 2.4, I
> cannot reinstall the system with a new version of the distro
> (Slackware).
> I don't want to install something that will modify the authentication
> mechanisms in the system.
> 
> If there is absolutely now way to do it without losing functionality
> and/or severe hacking and extensive workarounds, I will install PAM.
> It's only that I'd rather avoid this, if possible.

How are you going to authenticate the Windows boxes? If you're going to
use Samba as a translator, you probably need PAM. If the Windows boxes
will get native clients, you won't need PAM. For administrative tasks,
you can authenticate manually (and there's no need for an AFS server to
be a client at all, it's usually useful though).

I think, you only need PAM if some service on the server needs to
authenticate against AFS automatically.

HTH! Tino.

-- 
             * LINUX - Where do you want to be tomorrow? *
                  http://www.tu-chemnitz.de/linux/tag/