Suggestions on how to deal with architecture detection for pam authentication in pure-ftpd

[Scott Haneda]

>> At the very least, I need to test 10.5 PPC and Intel.  I have a feeling 10.5 is going to use "pam_securityserver.so".  However, this worked at one point on 10.6 Intel as far as I remember.  This leads me to believe a change was made by Apple within the 10.6 release cycle.  If anyone has a 10.6.0 install and can tell me the contents of /etc/pam.d/ftpd that would answer if this is a change within the 10.6 lifecycle or not.
> 
> On 10.6.3:
> 
> # login: auth account password session
> auth       required       pam_opendirectory.so
> account    required       pam_permit.so
> password   required       pam_deny.so
> session    required       pam_permit.so

Weird. Ok, I am going to just go with that, in that 10.5 uses "pam_securityserver.so" and 10.6 uses "pam_opendirectory.so" because that is what the evidence shows.  However, I know I had this working under 10.6 with "pam_securityserver.so", though maybe that was a bug and initially was not supposed to work.

>> How do I figure out the chronology of pam_securityserver.so and pam_opendirectory.so?  I also know that it should not be too hard to conditionally decide which .sample file to copy in for the user based on the major version, ie: 10.5 or 10.6 PPC or Intel, if CPU architecture even matters.  But if this turns out to be a change in minor dot releases of 10.6, I do not know how to detect that granularity in MacPorts.
> 
> You can use the ${os.version} variable and the rpm-vercomp procedure. See the xinit port for an example; it has special step it only runs on 10.6.3 and later.

Ahh, perfect example in the xinit port, thanks.

-- 
Scott * If you contact me off list replace talklists@ with scott@ *