[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#7839) openldap libdb5 support
hyc@symas.com wrote:
> Further footnote - this is why we recommend nss-pam-ldapd or nssov, which
> fully isolates applications from the underlying nss/pam libraries. And why we
> don't recommend SSSD. A shame they had to go off and reinvent the wheel
> without actually fixing its underlying problems. Some people never learn.
Hmm. AFAICT sssd also isolates from the nss/pam libraries.
The pam_sss and libnss_sss modules also communicate with sssd over a Unix
domain socket just like the other demons and accompanying modules you prefer do.
Ciao, Michael.