[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: External authentication, no entry in /etc/passwd: possible?




You wrote:
>On Sat, 14 Mar 1998, Ingo Luetkebohle wrote:
>
>> Michael K. Johnson wrote:
>> > You would need a libc NSS module to support your RADIUS authentication.
>> This sounds interesting. What is a "libc NSS module"?
>
>A shared library listed in /etc/nsswitch.conf that glibc uses to get
>information.  Most of us are probably using libnss_files.so by specifying
>"files" on the passwd line, and a new module could be written to retrieve
>the information from RADIUS and return it in a passwd struct.

There's a LDAP module for the NSS at http://www.xedoc.com.au/~lukeh. (Note
that I've only had the resources to test it under Solaris. It does build for
the Linux NSS, however. It's a similar "problem" to PAM under Linux and
Solaris, although the NSS design is very different between the two operating
systems.)

This might help you if you're running Novell's LDAP gateway to NDS, however
it assumes that "useful" information like POSIX UIDs and GIDs are in your
directory. If this isn't the case, then mapping users to "guest" or somesuch
may be a better idea. The LDAP module will try and coax a DES hashed
password out of a directory server (unlikely with NDS) -- you may still want
a PAM module to solve the authentication problem.



-- Luke



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []