1. 41
  1.  

  2. 20

    Really love how we can follow the talk by scrolling down. I hate videos, it’s a waste of time. Thanks for the interesting blog post!

    1. 6

      I didn’t watch the video, but I read the article. Or as much of it as I could: the images are pretty distracting and many didn’t seem to have anything to do with the content. It also seems weird to spend so much time bashing C when Linux (and pretty much every other major modern OS) is written in C. It’s like going to France and complaining about all the oddities of French.

      PAM is complex because it is powerful. It has a learning curve just like lots of other things to do with systems administration and programming. I will grant that the documentation of PAM is lacking, but one of the most well-regarded books on the topic is PAM Mastery by Michael Lucas. I didn’t see any reference to it, so I assume the author didn’t come across any reference to it while researching PAM (which would be a little surprising) or didn’t read it.

      Basically the article can be summed up as, “meh, PAM sucks.” Frankly, this comes off as a just a rant about the kinds of things I end up dealing with every day at work. I feel like this talk/article was a missed opportunity. It would be far more interesting to talk about not only PAM’s weaknesses but how they might be improved, even incrementally. Designing a replacement for PAM would be a massive challenge given its decades of inertia, but even just a rough outline or thought experiment for what one might look like would be better than nothing. There is an unlimited number of things in this world to complain about, complaints have little to no value. But well thought-out solutions do.

      1. 1

        I agree the documentation can be lacking some, but I never found it a deal breaker. I never found PAM to be all that hard to handle and I’ve written a few PAM auth plugins.

        I’ve never felt terror when dealing with PAM.

      2. 6

        This seems like really low effort content that I don’t like seeing on lobste.rs. It seems like lots of fluff without actually something to say. No, I’m not against the pictures and memes etc. What I don’t like is that “I couldn’t configure this software” is something that I see on the frontpage.

        No animosity intended, despite the harsh criticism. I am open to discussion and counter arguments.

        1. 26

          I’m going to add a “remove the visual aids” button in the future. Here’s the text form of this conference talk: https://gist.github.com/Xe/400756b7d93f40b0b7ec48c65b7d066d

          It’s going to take me a bit to research and design a better way to do that though. A lot of it arguably requires me to rethink a lot about my talk pages. That takes a nonzero amount of deep thinking time.

          I’m sorry if my conference style didn’t work well with you or translate well into the webpage I made. I’m using a modified takahashi style for slide making with memes instead of only a few words. I’ll try to make this better in the future. It was one of the most loved talks at this year’s RustConf by my recollection.

          This is not low effort though. Between all the revisions, research, scripting, making slides, editing, and more I’ve easily sunk over 50 hours of work into this talk. Here is the script I wrote for this (sorry for the auto download, I’m writing this comment on my phone). I’m sorry if it doesn’t look like it. Writing this stuff is hard.

          As for what I’m actually saying, I think the subtle point I’m trying to make is that we have a basically undocumented library in the critical path of sudo, and it being undocumented makes it hard to want to extend with a good faith effort. I also had that “I cant configure PAM” part act more as an engineering log to demonstrate the debugging process for when printf debugging fails you and you actually have to reach deep into the beast to find out what is going on. I’m sorry if this came off as annoying. Maybe a universally ubiquitous authentication library used on nearly every cloud server and Mac should be easier to deal with. Or replaced outright. I don’t know. I’m not a systems architect, I’m a shitposter that tries to staple things together for their own amusement.

          The memes are there to help make the talk less dry and slow. This may also be a generational thing, a lot of those memes are used as ideograms to help convey deeper meaning than the text alone. As an amateur linguist, it is fun to use memes as ideograms and make associations in people’s heads. If only because when that old meme comes up, they remember my talk. They remember the pain. They wonder why we have to suffer that way. Maybe someone starts to come up with an idea to actually fix the issue.

          1. 7

            Protip: No matter what you publicly do, there is always going to be haters. Accept that you cannot please everybody.

            1. 10

              Not a hater :) I honestly wanted to provide constructive criticism to the community in general. I’ll take the hater characterization in consideration though to be less harsh/mean in the future, thank you.

              1. 3

                If that truly was your goal, please evaluate alternative mechanisms for expressing said criticism.

            2. 4

              honest answer: I skipped over the text mostly, as it kinda disappeared between the memes

              so my takeaway is:

              • something something PAM old C codebase, used everywhere (horrible), can be twisted, turned and extended as you like
              • Anya meme I’ll pirate for introduction-to-c classes

              but please don’t let this prevent you from making further talks
              ~ someone maintaining PAM running boxes and ignoring for their own sanity what ever is doing the root-login process

              1. 1

                I enjoy css checkbox hacks with sibling selectors to enable display: none (or a different mechanism if you want a css translation)

              2. 22

                I think “low effort” is way off base here…

                Just putting together any coherent talk with slides and presenting it takes time. In this case, the talk flows well, was not just coherent but smoothly presented (and probably rehearsed), and includes a blog post version.

                I mean, if you didn’t get value from the content, ok, but this is not only not “low effort,” but probably in the top 10% of effort for things posted here, which include many short blog posts and pieces that took far less time to produce.

                1. 12

                  I worked on this for an entire work week and then more over the weekend. I’d estimate that I put at least 55 hours of effort into it, including the post for my blog.

                  This includes the entire talk draft I had to throw away (after it was rehearsed, filmed, composited and edited) because it was depressingly boring. This talk was like REALLY BAD before I rewrote a majority of it to just emphasize the shitposting. I’m gonna write about the failures and maybe even embed the failed version in another post to my blog. I just need to craft a good charm of clickbait for its title because too many people only read titles.