Any C coders want to help me with something?

Toshio Kuratomi a.badger at
Thu Apr 30 16:53:39 UTC 2009

Mike McGrath wrote:
> On Thu, 30 Apr 2009, Ricky Zhou wrote:
>> In some distant future version of FAS, I'd
>> like to play with the idea of storing the data in LDAP while handling
>> our group sponsorship system in postgres.
> Ick
heh :-)

I think ricky's approach could work but it would need planning.  The
idea would be to increase the complexity of FAS but decrease the
complexity for everything we deploy that needs authentication.  We'd
want to examine that assumption in the planning phase to make sure it's
actually true for us.

For instance, there was the thought that having cached credentials on
our servers was preferable to what happens to when the LDAP server goes
down.  Still a concern?

We currently mask a lot of information for the privacy policy, can we do
that with LDAP?  (Or just not put the information in there?)

We let third parties (like the hosts to let packagers try building on
ppc, x86_64, etc) use fas to get ssh keys.  Would we let them connect to
and get that information from the LDAP server instead?

We let people use their normal accounts to get a subset of data for
authenticating to their web apps while they're developing them.  Would
we enable the same setup with LDAP?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Fedora-infrastructure-list mailing list