[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-gnu-radius] Problems with 1.0 and --enable-shadow
From: |
Sergey Poznyakoff |
Subject: |
Re: [Help-gnu-radius] Problems with 1.0 and --enable-shadow |
Date: |
Mon, 30 Jun 2003 20:43:53 +0300 |
Hi Andrea,
> Reading the code I guess that if I configure GNU RADIUS with --enable-shadow
By the way, generally the configuration suite is able to determine
if the system has shadow passwords, so you don't have to explicitly give
it --enable-shadow switch. If on your system it was unable to detect shadow,
please run configure without this switch and send me the resulting config.log,
so I may fix this in the future releases.
> it will only look for passwords in /etc/shadow and it will not fall back to
> reading/etc/passwd if I use Auth-Type=System.
Right.
> A workaround is to use --enable-pam and Auth-Type=Pam, but I'm sure (still
> using it) that version 0.96.4, configured with --enable-shadow will fall back
> to/etc/passwd not founding /etc/shadow.
Right.
> I think that this should be the most
> intuitive behaviour, but I would like to know if I read the code correctly.
Yes, Andrea, you have read it correctly.
> I would even like to know if the old behaviour would be restored in next
> versions.
Well, I'm equally comfortable with either approach. If it is critical to you,
I'll send you the patch tomorrow. Let me know if you need it. In the future
releases I'll provide a special option to switch between the two behaviors.
However, let me note that keeping passwords in /etc/passwd is highly
unsecure.
Regards,
Sergey