[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pwdb question



On Tue, 5 May 1998, Mihai Ibanescu wrote:

> 	Now, since pwdb shoud handle all accesses to the password
> databases, shouldn't all applications be linked against libpwdb? Since
> everybody speaks about the slowliness of a box with more than 2k users,
> one can think of moving the entire /etc/passwd model to a different
> thing (like gdbm or sql). Probably pwdb should do this, but a quick
> check showed me that wu-ftpd, ipop3 and all other usual servers are NOT
> pwdb-aware. I know, it would take a HUGE amount of work to do it; should
> somebody do it? 

Getting a program that relies on the POSIX functions (getpwnam() and its
ilk) to work with pwdb requires a recompile with one of the pwdb header
files included, which I guess is not an option for an entire distribution.

Probably the easiest way to get everything to work with pwdb is to write a
module for nsswitch to query pwdb and return the results.  For a while now
I've been working on a module to do that, and have a working prototype at
http://www2.ncsu.edu/eos/project/linux/lug-devel/nss_pwdb-19980504.tar.gz

The idea is that you compile and install the shared library, and add
"pwdb" to the "passwd" and "group" lines in /etc/nsswitch.conf.  An
application that wants info about a user then calls the libc function,
which calls the appropriate function in the module, which calls pwdb, etc.
This way, nothing need be recompiled. 

There are no provisions for security checks, and the enumeration functions
aren't there yet, but it tested out okay for me, and I'd appreciate if
people would try it out and give me some feedback. 

Nalin



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []