Re: 2 questions...

[warlord <warlord MIT EDU>]

Quoting Colin Walters <walters verbum org>:

> > Having to restart gaim or psi or other apps because there's a
> > race condition between login and network startup?

You ignored this issue...

> > Caching credentials is a HARD problem.  How is PAM supposed to
> > know my kerberos password, unless it stores it somewhere?  I don't
> > want PAM to store my _kerberos_ password.
>
> Why not?  If you wanted to avoid the second password prompt, there's no
> reason for example we couldn't have PAM pass the password on to your
> user session, and then krb5-auth-dialog would try that first before
> prompting you.

Because I don't want my kerberos password cached.. Anywhere.. Anytime.  
Not even
the KDC knows my password..  It only knows my keys derived from my 
password. But honestly I'm sorry I brought up Kerberos -- it's 
detracting from the real
issue which is that Wireless and Wired networks are treated differently during
the startup sequence.

> > Meanwhile, storing network passwords in a place that only root/NM
> > can get to it?
>
> We might need to end up doing this for the server case, but for your
> laptop case I think requiring end users to do system administrator type
> things just to get their laptop working is wrong.  Any time an end user
> needs the root password we have failed.

Who said anything about requiring users to "SysAdmin type things"?  I 
never did.
I've ALWAYS said that NM should remember the preferences globally instead of
storing them in nm-applet.  I don't see how this is requiring a user to do
sysadmin things.

I agree that any time an end user needs the root password we have failed.  I
certainly don't want to have to type that just to connect to a new/different
wireless network.  OTOH I *DO* want the wireless network to come up on its own
BEFORE I LOGIN if it's a network I've ever seen before (or an open network).