[Pkg-shadow-devel] ldap support
Miek Gieben
miek at miek.nl
Wed Jun 11 09:36:51 UTC 2008
[ Quoting Nicolas François in "Re: [Pkg-shadow-devel] ldap support"... ]
> > I've tried it, it didn't work :( I've put an user in ldap, the
> > user 'henkie'.
>
> Sorry, I only checked the output path.
>
> shadow uses an internal API, sgetpwent(), to parse a line, and it
> still reads /etc/passwd by opening it directly.
I saw that.
> On the read path, I can easily change to using getpwent() from the libc
> when building the shadow internal database.
>
> However, the only API from the libc I could find to write a entry in the
> paswd database is putpwent(), and this API requires a FILE handle. Thus,
> writing to LDAP would not be that easy.
Why only use that function? libc itself delegates this task to
libnss-ldap. Looking at the source of that package it seems like all
important 'get()' and 'set()' functions are already there.
So it would "only" be a matter of using these in the shadow utils.
> could require a different logic. The database is remote and could be much
> larger. Reading the entire content of the database when the database is
> read (as done currently) should be changed.
Ack, but if you were to use putpwent(), this code would also be
superfluous?
> I would gladly accept a patch to introduce LDAP, or setup a branch for
> this, but I cannot currently work on it.
I'm willing to work on this, or at least give it a try.
--
grtz,
- Miek
GPG Key ID: 3880 D0F6 http://www.miek.nl/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20080611/174fa073/attachment.pgp
More information about the Pkg-shadow-devel
mailing list