From owner-freebsd-hackers@FreeBSD.ORG  Mon Jul 30 17:57:02 2007
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A483516A419
	for <freebsd-hackers@freebsd.org>; Mon, 30 Jul 2007 17:57:02 +0000 (UTC)
	(envelope-from jonathan+freebsd-hackers@hst.org.za)
Received: from hermes.hst.org.za (onix.hst.org.za [209.203.2.133])
	by mx1.freebsd.org (Postfix) with ESMTP id E214E13C504
	for <freebsd-hackers@freebsd.org>; Mon, 30 Jul 2007 17:57:01 +0000 (UTC)
	(envelope-from jonathan+freebsd-hackers@hst.org.za)
Received: from [10.1.11.1] ([10.1.11.1]) (authenticated bits=0)
	by hermes.hst.org.za (8.13.8/8.13.8) with ESMTP id l6UHEaDu094461
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <freebsd-hackers@freebsd.org>;
	Mon, 30 Jul 2007 19:14:37 +0200 (SAST)
	(envelope-from jonathan+freebsd-hackers@hst.org.za)
From: Jonathan McKeown <jonathan+freebsd-hackers@hst.org.za>
To: freebsd-hackers@freebsd.org
Date: Mon, 30 Jul 2007 19:18:27 +0200
User-Agent: KMail/1.9.4
Organization: Health Systems Trust
MIME-Version: 1.0
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200707301918.27372.jonathan+freebsd-hackers@hst.org.za>
X-Spam-Score: -3.977 () ALL_TRUSTED,BAYES_00
X-Scanned-By: MIMEDefang 2.61 on 209.203.2.133
Subject: passwd(1) and PAM
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Jul 2007 17:57:02 -0000

This seems to be almost a FAQ judging by the number of open/suspended PRs over 
several years, and the enquiry on this list back in March 2007 - but I 
haven't been able to find an answer yet.

Looking at /usr/src/usr.bin/passwd/passwd.c, it seems that passwd(1) was 
rewritten four years ago to use the PAM infrastructure (with options -l, -o 
and -y not actually doing anything any more).

It seems to be prevented from using, eg, pam_ldap, by the switch statement 
which uses constants defined in pam.h but commented there to be ``bogus''.

1. Is there any reason not to patch passwd.c locally, replacing the switch 
statement with printf and a single message?

2. When is this likely to make it into the official sources?

I'm in a mixed environment and looking at using LDAP for account information 
with pam_pgina for Windows users.

Oh, and if the answer is ``send a patch'', just let me know where!

Jonathan