[Pkg-shadow-devel] ldap support
Nicolas François
nicolas.francois at centraliens.net
Tue Jun 10 16:18:46 UTC 2008
Hello,
On Tue, Jun 10, 2008 at 04:18:35PM +0200, miek at miek.nl wrote:
>
> I'm reading the TODO in the shadow-pkg and it says:
>
> ALL:
> - move base passwd/shadow/group/gshadow operation to module for
> allow write diffrent backend modules for db, NIS, LDAP and
> others. Default backend it will be goot if will be choosen
> depending on /etc/nsswitch.conf and allow overwride this by -r
> <repository> options (where the <repository> can be file, db,
> nis nisplus, ldap .. like on /etc/nsswitch.conf in service
> column). passwd have old piece of code with handling -r option
> and it will be good finish this and propagate on other shadow
> tools for allow operate on other user databases by well known
> tools.
>
> I'm not getting this.. as you are using setpwent (for instance) you
> should be getting the backend for free? As glibc will do the heavy
> lifting and will update the appropiate backend?
This might be an old TODO entry (shadow used to have its own API to read
and write in the passwd/group/shadow files).
Now shadow uses pupwent, putspent, and putgrent (look for the group_ops,
etc. structures) for writing the entries in the databases, and that should
be sufficient.
(Note: gshadow is special because it is not supported by the libc)
However, I never tried this. If you could try it, that would be great.
Note: Regarding the -r option, I'm not convinced it would be really
useful. Only passwd supports it, and only the "file" repository is
supported currently. I would prefer to drop it from passwd.
> Same goes for, chage, chsh etc.
As I don't have any LDAP setup at hand, that would be great if you could
report if it works for these various tools.
Best Regards,
--
Nekral
More information about the Pkg-shadow-devel
mailing list