[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: gids assigned non-deterministically

On Tue, Oct 10, 2006 at 11:20:26AM +0200, Gabor Gombas wrote:
> On Tue, Oct 10, 2006 at 09:36:56AM +0200, Tim Dijkstra wrote:
> > That is no longer a reality with groups like plugdev, powerdev and
> > netdev, which users need to be a member of to be able to get the wonders
> > of automatically mounted usb-sticks, tweakable power management and
> > whatever comes with the utopia stack.
> Then use pam_group to temporarily assign those groups to users. That way
> the gids can be different on every system, and you can even gain
> performance by having less groups in LDAP.
How does that work?  Do I need to specify that in each client's pam
configuration?  Or on each system's /etc/group?

> Especially if you have more than a handful of users (and if you are
> considering LDAP, I assume you have), groups with hudreds or thousands of
> members can cause headaches.
Yes.  Of course, if you have more than a handful of machines, what you
are describing is a management nightmare.


Roberto C. Sanchez

Attachment: signature.asc
Description: Digital signature

Reply to: