[rsbac] nsswitch and pam configuration for UM

Palon Setin palons at danwin1210.me
Thu Dec 13 03:46:00 CET 2018


Hi!
I have no issue compiling and installing. I'm running the latest
4.19.8-rsbac.
But I can't find any help with configuring /etc/nsswitch.conf and
/etc/pam.d/*.
The closest I found is 7 yrs old:
https://www.rsbac.org/pipermail/rsbac/2011-January/002565.html
The tips in the rsbac-admin package don't help either; they too appear
to be old.

Here's a fraction from:
$ info libc "Name Service Switch"

29.2.3 Notes on the NSS Configuration File
------------------------------------------

Finally a few more hints. ...
...    The ‘passwd’, ‘group’, and ‘shadow’ databases are traditionally
handled in a special way.  ... This kind of lookup remains possible if
the GNU C Library was configured with the ‘--enable-obsolete-nsl’ option and the
special lookup service ‘compat’ is used.  If the GNU C Library was
configured with the ‘--enable-obsolete-nsl’ option the default value for
the three databases above is ‘compat [NOTFOUND=return] files’.  If the
‘--enable-obsolete-nsl’ option was not used the default value for the
services is ‘files’.
...
$

I'm not even clear on which package contains /etc/nsswitch.conf in
the stock Debian install... And I have no experience compiling libc...

Is it necessary to recompile (and which package exactly of) libc with
‘--enable-obsolete-nsl’ to get the tip in the current rsbac-admin
implementable?

I have tried following what I found, in rsbac-admin, and in the page
from 2011 linked above, as well as tips from:

https://www.mad-hacking.net/documentation/linux/security/rsbac/security-migration.xml

Similarly, /etc/pam.d/* is completely different nowadays than what can
be found in documentation.

I have these libraries, from the latest (2018-08) rsbac-admin, installed:

/lib/libnss_rsbac.a
/lib/libnss_rsbac.la
/lib/libnss_rsbac.so
/lib/libnss_rsbac.so.2
/lib/libnss_rsbac.so.2.0.0

/lib/security/pam_rsbac_oldpw.so
/lib/security/pam_rsbac.so

(which installation I think I did correctly).

Any suggestions how to solve these issues?
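
Added example, not part of the original post and not rsbac-admin code: a small Python check built on glibc's convention that each service named in /etc/nsswitch.conf is loaded from libnss_<service>.so.2. It lists the services configured for passwd, group and shadow and reports modules that are absent from the library directories. The sample file, the use of "rsbac" as a service name (inferred from libnss_rsbac.so.2 above) and the directory list are assumptions.

```python
import os
import re

# Constructed sample for illustration; not a recommended RSBAC configuration.
# "rsbac" as a service name is an assumption inferred from libnss_rsbac.so.2.
SAMPLE = """\
passwd:  compat [NOTFOUND=return] files
group:   files rsbac
shadow:  files        # trailing comments are ignored
hosts:   files dns
"""

# Assumed library directories; adjust for the distribution's multiarch layout.
LIBDIRS = ["/lib", "/usr/lib", "/lib/x86_64-linux-gnu"]

ACTION = re.compile(r"\[[^\]]*\]")  # e.g. [NOTFOUND=return]


def parse_nsswitch(text):
    """Return {database: [service, ...]}, dropping [STATUS=action] items."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        db, rest = line.split(":", 1)
        table[db.strip()] = ACTION.sub(" ", rest).split()
    return table


def module_name(service):
    """glibc loads the NSS service <name> from libnss_<name>.so.2."""
    return f"libnss_{service}.so.2"


def missing_modules(table, databases, libdirs):
    """List (database, module) pairs whose module file is in none of libdirs."""
    missing = []
    for db in databases:
        for svc in table.get(db, []):
            mod = module_name(svc)
            if not any(os.path.exists(os.path.join(d, mod)) for d in libdirs):
                missing.append((db, mod))
    return missing


if __name__ == "__main__":
    table = parse_nsswitch(SAMPLE)
    for db in ("passwd", "group", "shadow"):
        print(db, "->", table.get(db))
    print("missing:", missing_modules(table, ("passwd", "group", "shadow"), LIBDIRS))
```

To check a live system, pass the contents of /etc/nsswitch.conf to parse_nsswitch() instead of SAMPLE.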

