[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ifupdown writes to /etc... a bug?

On Sun, Mar 30, 2003 at 03:42:55PM +0200, Bernhard R. Link wrote:
> I think /etc/shadow is good where it is. Somewhere the root-password has
> to be stored and this is merely static. There are /etc/nsswitch and
> /etc/pam.d/passwd for people wanting users passwords store elsewhere.

Agreed. You can get full day to day functionality without needing to
write to /etc/{passwd,shadow}. Personally, my preference would be to use
a shared LDAP server, but I guess it depends on your application...

However, it isn't quite as simple as you make out.

For instance, every /etc/pam.d/* pam module would have to be changed,
not just the password change service.

Also, programs like adduser/useradd/etc only support /etc/password,
/etc/shadow, and /etc/group (AFAIK). So management of these entries
becomes an issue.
Brian May <bam@debian.org>

Reply to: