Some time ago there were discussions about moving cracklib out of the system packages set, as it’s far from being a necessary package. Indeed, cracklib is no more in system, although up to now if you used PAM you couldn’t actually remove it, as sys-libs/pam itself required it.
Not any more. Today I committed a revision bump for sys-libs/pam that makes cracklib optional, controlled by the cracklib USE flag. This is easily possible thanks to the epam “syntax”, that I described previously . Now it’s just a matter of documenting it in my guides, and then I can actually start make use of it, for instance ftpbase will certainly get some tweak so that when it’s installed in FBSD it uses pam_ftpusers rather than pam_listfiles.
More stuff to document, but more flexibility for the future, hopefully, so that future transitions will be painless. Or at least less painful than the one we’re going to have.
By the way I want to thank everybody for the feedback about the upgrading guide; I’ve made it a bit more explicit about what has to be done and when: things that might be pretty much obvious to me and others who have seen PAM at least remotely before might not be obvious nor easy to guess to others who never looked up what PAM is at all.
Anyway, more documentation ahead… sponsoring options still open 😛