Re: System password authentication

[Larry Jones]

Brian Murphy writes:
>
> But this code rejects a blank password "" given by the user, should that not
> be accepted according to your explanation.

Mea culpa -- I was looking at the wrong code.  You were right, that code
*is* checking the system password, not the repository password.  And
you're also correct that it accepts a non-blank entered password as
matching a blank system password but rejects a blank entered password. 
I have no idea why -- the code seems to have been that way forever.  The
fascist side of my personality wants to reject any attempt to use a
system account with no password, the more liberal side says that if
someone is stupid enough to have an account with no password then they
deserve whatever happens (one can argue whether than means accepting any
password at all or just a blank one).  Opinions from the peanut gallery?

> Is there any chance of accepting a patch supporting PAM authentication?
> For example mine... :-)

I'd say there's a good chance of some PAM patch being accepted on the
experimental branch.  Your patch still needs some work, the "#if
SOLARIS2 == 260"'s in particular are almost certainly incorrect since
other systems will most likely need the same code.  You need to test for
whatever characteristic is important, not for a particular system. 
Please read the HACKING file if you haven't already for more advice. 
I'd also like to see some reports about how the code works on other
systems.

-Larry Jones

Moms and reason are like oil and water. -- Calvin