PAM mess, once again and forever

Seems like I’m doomed to work on PAM for the rest of my life, even if I would like to stop using it myself.

From where this doom come from is easy to find, it’s one of the first things I’ve done when I joined Gentoo. Why this doom is heavy and annoying is a bit less easy to explain.

First of all, when I started, I just supported Martin (azarah) who did most of the work; I cleaned up a few modules, I wrote pam.eclass, and basically I made sure that the files installed in /etc/pam.d were compatible both with Linux-PAM (used, you’d never say, on Linux), and OpenPAM (used on FreeBSD).

Now, after an year and a half that I’m in Gentoo, I’m almost alone on PAM herd, and I thus need to take care of sys-libs/pam too. The current version in Gentoo is pretty ancient, 0.78, even Debian beat us with 0.79 in testing and unstable (considering that latest version is; I put a (masked) 0.99 in portage for a while now, but, as I started from scratch (because the original ebuild was waaay too complex and hard to understand to me — mind you, it was building not only PAM, but also glib-1 (for pam_console) and BerkDB (for pam_userdb) inline in the ebuild), it missed stuff like a proper Berkeley DB support and the RedHat/Fedora patches that I simply wanted not to apply. I did this because for a while Martin was away and thus I had to do something that I couldn’t handle by myself.

In July Martin was back, and he re-added the BerkDB build code, and the dependencies checking to the ebuild, messing it again almost to the same level as 0.78, so I just left sys-libs/pam once again to him. But then, he’s away again, and the package is unmaintained for a few months now again.

So here I am, after a day bumping and building KDE, fighting with PAM trying to prepare a new ebuild that can be used to test, hopefully to get a newer version at least in ~arch. This version will be a revert of my previous version, so without the static BerkDB build, but still with a berkdb useflag to enable/disable userdb module. I’m planning on simply moving out pam_userdb on its own package, copying Martin’s code, and leaving it there alone for the eternity, but to do so I first need to send this patch upstream and get it applied.. sigh, more time going away on this.

Oh a totally unrelated (and way merrier) note, I wish to thank Uri Sivan once again, who sent me a couple of items from my wishlist. Thanks Uri, again 🙂