[PAM-NTDOM] using pam_ntdom for ftp authentication

[Tim Potter]

Peter Samuelson writes:

> [Tim Potter <tpot at linuxcare.com.au>]
> > There's also the issue of the pam_ntdom module being GPL which means
> > that technically any program linking (i.e actually using it) also
> > needs to be GPL.  )-:
> 
> Hmmm.  Subtle.

Yes it is.

> The GPL and dynamic linking issues are sort of in the eye of the
> beholder.  I think I disagree with your interpretation, at least from a
> common-sense viewpoint.  Technically pam_* are dynamically linked with
> libpam.so (and, by extension, sshd etc), but to me the modules are not
> so much shared libraries as plugins.

I agree, but no matter how you look at it pam_whatever.so is
dynamically linked in to a running executable by the C library.
Hence, it falls under the GPL.

> The GIMP implements plugins using standalone executables, pipes and
> fork().  PAM implements them using shared objects and dlopen().  From a
> nontechnical standpoint (i.e. the legal system), the two methods really
> accomplish much the same thing, and a rather different thing from what
> (in general) shared libraries accomplish.

This is one of several methods to get around the GPL (Tom Christiansen
refers to it as comdomisation (-:).  In winbind, which uses pam
and nsswitch, the pam_winbind.so and libnss_winbind.so modules
are LGPL.  They talk over a UNIX domain socket to the (GPL)
winbind daemon.


Regards,

Tim.

> Peter