[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: NSS and db support

Matthew Hixson writes:
> Okay, I've been reading into NSS and it sounds pretty amazing.  I was wondering
> if anyone had used the 'db' service specification in /etc/nsswitch.com.  What
> db file does this cause NSS to look at for user information?
>   My life would be greatly simplified if NSS can do what I think it can.  That
> is, use a normal Berkeley DB file to gain user information.

It's under-documented (to say the least) but it works. It looks for a
btree format Berkeley db file in /var/db/passwd.db for passwd,
/var/db/shadow.db for shadow and so on. For passwd, each complete
nul-terminated colon-separated record, "foo:*:4567:...:shell\0", needs
entering under three separate keys: ".foo", "=4567" and "0123"
(a leading 0 plus a decimal record number, starting at 00). Each
shadow entry needs adding under two keys: ".foo" and "0123". The
Red Hat glibc RPM comes with /usr/bin/makedb (no man page but
"makedb --help" gives you a summary) which will convert a flat file
in the form
    .foo foo:*:4567:...
    00 foo:*:4567:...
    =4567 foo:*:4567:...
into the right format, though you may well want to write a Perl
frontend to hook into whatever useradmin stuff you usually use
(just remember to "tie %db, ..., $DB_BTREE").


Malcolm Beattie <mbeattie@sable.ox.ac.uk>
Unix Systems Programmer
Oxford University Computing Services

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []