[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Unix group to handle CDD roles?

On Wed, Apr 07, 2004 at 12:57:51PM +0200, Andreas Tille wrote:
> Good to know that we have knowledged people in the boat. ;-)

I've only used openldap for a while and like ideas at its base :)

> Perhaps we should consider LDAP as an configuration option: The tools
> which have to be developed for a common cdd package could read some
> configuration file and if there is a "USELDAP=yes" option than go
> this way and leave user groups for the more simple setups.  (Again:
> I'm not really sure whether this suggestion makes sense.)

It makes sense for me. 
I usually like solutions permitting things to works in more then
idempotent way, but this approch implies a strict modularized and
structured infrastructure.
Nothing that cannot be done, of course.

Since Groups and LDAP are idempotent, things can go on using groups,
only rewriting scripts with 'backend' supports.
And IMHO this support should be done even if LDAP is discarded, it's
easy up a future transition form a method to another (ie old to new menu

>From how I see the whole system, Unix groups and LDAP custom distro
directory has a one-to-one relationship (if the LDAP schema do not
evolve to a really complex/multifaced environ, and I'd like to keep as
simple as possible), so it's easy to move from one the another method
with a simple script run.

The real complexity is let the configuration of LDAP
- compatible with existing envoronment/conffiles, if exists
- easy to setup (no question at all, hopefully)

> > Surely LDAP would be a more cleany and unix-like (and funny? :)
> > solution to consider.
> Uhm, I think I have a bad sense of humor because I do not regard
> LDAP as funny. ;-))

Well, studing solutions is usually funny, solving problems is allways a

Cosimo Alfarano, kalfa at {bononia.it,debian.org,cs.unibo.it}
0DBD 8FCC 4F6B 8D41 8F43  63A1 E43B 153C CB46 7E27

Reply to: