[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7839) openldap libdb5 support

hyc@symas.com wrote:
> Further footnote - this is why we recommend nss-pam-ldapd or nssov, which 
> fully isolates applications from the underlying nss/pam libraries. And why we 
> don't recommend SSSD. A shame they had to go off and reinvent the wheel 
> without actually fixing its underlying problems. Some people never learn.

Hmm. AFAICT sssd also isolates from the nss/pam libraries.

The pam_sss and libnss_sss modules also communicate with sssd over a Unix
domain socket just like the other demons and accompanying modules you prefer do.

Ciao, Michael.