[NTLUG:Discuss] Is is just me or is Red Hat/CentOs understanding of PAM, auth, etc, just totally insane or what?

[Christopher Cox]

Like it or not Red Hat must live.  But man... talk about weird.

They have a VERY mixed and inconsistent view of the world.. You can tell their 
are camps at WAR inside of Red Hat, those that want to remove all control from 
the local system admin (because after all, we're dumb) and those that still want 
to give control.. sheesh...

So... they have these tools... but you know the idea of a tool is that you sort 
of WANT people to use it.  Right?  The tool is authconfig and it's variants.

This authconfig tool OWNS a set of common included PAM configs for auth, 
account, password and session.  It controls their generation, any local 
modifications are overwritten by their authconfig tool.

Red Hat uses a myriad of pam modules many of which have overlapping scopes.

It's not that you CAN'T get done what you need to get done on Red Hat... it's 
just a LOT harder.  A whole lot harder.  Or, you just scrap authconfig, remove 
it's presence from the planet... which again, means you can install just about 
any Linux distro at that point.

Yuk!

Also, over the years, Red Hat has changed their position on numerous items no 
more than 50 gabillion times (sorry to be technical).  That means, if you DO 
figure it out... it will be WRONG with the next Red Hat incarnation.... sigh...

Now, I do realize that Red Hat drives (forces, coerces) other distros to follow 
"their way".. it's just the WRONG way folks... it really, really, really, 
really, really, really is....

IMHO.... there's a LOT of fixing needed at Red Hat.. and while they are the 
"dominant" player (due to IPO in the USA btw... NO OTHER REASON folks), if they 
just got their heads screwed on right, they could make a TON more... just saying.

I'm not going into detail about what I don't like about their PAM 
stack/authconfig, nss, etc. relationships... just venting a bit looking for 
anyone else that feels the same....