Discussion:
removing PAM?
(too old to reply)
David Chmelik
2022-02-14 12:23:06 UTC
Permalink
I found that if you remove pam from Slackware 15, you can no longer login.
I know pam started on a derivative Unix, but I wouldn't really
describe pam 'doing one thing and doing it well.' In addition to
supposedly making logins more secure but also easy for various services,
it kind of took over doing too many things--many logins--and doesn't do
it well, because it forces you to use it for even the simplest login.
What would I have to do to safely remove pam entirely and change it
back to work how it did since days of classic Unix?
I know someone might want to use pam for a large organization's
servers (which might make easier) but I certainly don't want/need it for
desktop nor even my very small servers.
John McCue
2022-02-14 15:53:37 UTC
Permalink
Post by David Chmelik
I found that if you remove pam from Slackware 15, you can no longer login
That I would expect to happen
Post by David Chmelik
I know pam started on a derivative Unix, but I wouldn't
really describe pam 'doing one thing and doing it well.'
I agree

<snip>
Post by David Chmelik
I know someone might want to use pam for a large organization's
servers (which might make easier) but I certainly don't want/need
it for desktop nor even my very small servers.
I was not thrilled about PAM, but at least it is staying
out of my way. The only annoyance is when I do a
'su - root' and type in a bad PW, there is a bit of delay
with su(1).

I think it is baked into just about every package, you
may need to recompile everything. IIRC, It was brought
in because KDE needed it and I think XFCE also required
it.

John
--
[t]csh(1) - "An elegant shell, for a more... civilized age."
- Paraphrasing Star Wars
Silvenshadow
2022-04-08 21:44:25 UTC
Permalink
<snip>
Post by John McCue
I was not thrilled about PAM, but at least it is staying
out of my way. The only annoyance is when I do a
'su - root' and type in a bad PW, there is a bit of delay
with su(1).
I think it is baked into just about every package, you
may need to recompile everything. IIRC, It was brought
in because KDE needed it and I think XFCE also required
it.
I can attest to it's pervasiveness in 15. That and elogind (which I
consider to be a virus). I looked into removing them but with the
amount of packages you would have to maintain, you might as well fork
slackware and create a new distro using dpkg.

Watch out for strange PAM interactions. I recently had a problem where
PAM decided an account with a disabled password was completely valid and
enabled account with no password.

I've thought for years that things would improve, it seems that PAM,
SystemD and friends have been responsible for a great many of the
problems I've had. Too bad distros are being forced into adopting them
without a clean way to rip them out.

Maybe it's time for a package-alternates in slackware?

-=Silven

Loading...