OTP feature for /bin/login
Laurent Bercot
ska-dietlibc at skarnet.org
Tue May 8 13:40:19 UTC 2012
> May be PAM is the de facto standard, but what about those whose do not
> like to use PAM on there systems (as they consider them bloated)?
Then we need a lightweight PAM replacement. I've managed to avoid
thinking about it too much so far, but if people want to add different
auth mechanisms to busybox, this is the way to go.
What rubs me the wrong way with PAM is that it requires dynamic
linking, since it relies on .so and dlopen() mechanisms. There's no way
to have a complete PAM-enabled system with statically linked binaries.
With the little amount of thought I've done on it so far, I've concluded
that a viable system would have to have executables instead of shared
objects as atoms, i.e. the /bin/login program configurably executes into
/bin/login-X-mechanism, where X can be passwd, OTP or anything of the
kind, and /bin/login-X-mechanism does the X-specific work.
--
Laurent
More information about the busybox
mailing list