[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
  Web www.spinics.net

Re: Feature request: alternate '/' for pam_unix

On Fri, Sep 28, 2007 at 02:36:25PM +0200, Jozsef Kadlecsik wrote:

> In a cluster environment it'd be quite good if one could specify
> alternate passwd/shadow/group files for the pam_unix module.

> I know, one could use LDAP, SQL or db files to store the user data, but 
> all of them have got some shortcomings: LDAP and SQL can be slow or 
> complex to setup in a redundan configuration; db files lack password 
> expiration information, etc.

> In the patch below I implemented the 'rootdir=directory' option for the 
> pam_unix module, by which one can define an alternate root directory when 
> looking up the files. So one can store alternate passwd, etc. files with 
> the user data on a cluster (shared) filesystem, without the need of 
> additional services running.

But you haven't modified any of the code that uses getpwnam() or getspnam()
to query the password database, so AFAICS this patch is useless since it
only affects password updates.

Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon@xxxxxxxxxx                                   http://www.debian.org/

Pam-list mailing list

[Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

Add to Google Powered by Linux