
Re: ifupdown writes to /etc... a bug?



* Brian May <bam@debian.org> [030331 01:05]:
> Agreed. You can get full day to day functionality without needing to
> write to /etc/{passwd,shadow}. Personally, my preference would be to use
> a shared LDAP server, but I guess it depends on your application...
> However, it isn't quite as simple as you make out.
> 
> For instance, every /etc/pam.d/* pam module would have to be changed,
> not just the password change service.

Ok. I was not very verbose. All those programs that do want to change
passwords need a changed pam-config. (What besides passwd
currently is able to do so? login/?dm maybe to enforce password-aging
but I never heard of anyone using this).

> Also, programs like adduser/useradd/etc only support /etc/password,
> /etc/shadow, and /etc/group (AFAIK). So management of these entries
> becomes an issue.

In a perfect world these should support nss or at least pam, too.
While passwd should support pam, useradd is questionable. (adduser
is no additional problem as it just calls useradd and passwd to do the
work).
Sadly playing with pam (especially within such important programs) is
a nontrivial task and nothing I'd hope to get right myself.

Respectfully,
  Bernhard R. Link

-- 
Sendmail is like emacs: A nice operating system, but missing
an editor and a MTA.


