netatalk icon indicating copy to clipboard operation
netatalk copied to clipboard

Published 20 hours ago verified publisher icon Netatalk

Non-PAM DHX2 / DHCAST128 auth doesn't work on macOS

Open rdmark opened this issue 10 months ago • 1 comments

An AFPERR_AUTHCONT error is thrown for the AFP_LOGIN_EXT command when attempting to authenticate with DHX2 or DHCAST128, compiled without PAM support, on a macOS host.

Using netatalk without PAM would be handy on macOS when netatalk is packaged with Homebrew, because brew is sandboxed by default and cannot write the PAM config file.

rdmark avatar Jan 10 '25 10:01 rdmark

Doesn't traditional *nix-style auth rely on /etc/shadow, which macOS doesn't have? Fairly sure that non-PAM auth in that case would need to query Directory Services directly, with e.g. /usr/bin/dscl . auth username password.

EricFromCanada avatar Jan 10 '25 14:01 EricFromCanada

Discarding this. Our build system is choosing only PAM auth by default when building on macOS, and I think it's a fine abstraction to use on this OS.

rdmark avatar Jul 12 '25 18:07 rdmark