Re: Shell accounts for multiple domains on one box
On Wed, Mar 23, 2005 at 11:02:04PM -0500, Stephen R Laniel wrote:
> On Wed, Mar 23, 2005 at 10:55:59PM -0500, cfm@maine.com wrote:
> > IBM offered virtual servers like that a couple of years
> > back for free test period. You might get some information
> > on their web site about it. It was their z-series. Developers
> > could get root access on a virtual machine; if I recall the
> > real machines were supposed to be able to service thousands of
> > virtual machines.
>
> I don't know if I need anything that serious. Basically, all
> I need right now is to allow the following: if there's a
> user jeff@foo.com and a user jeff@bar.com, we won't run into
> troubles, because the system will somehow be domain-aware.
ssh isn't domain-aware, and neither is the unix username/uid/groupname/gid
system.
unless you want to run virtual servers as others have suggested, your
only choice is to make unique accounts for each user. e.g. "jeff1" and
"jeff2", or use first initial and surname or whatever.
> I could get rid of shell access and go with postfix/exim/pick-your-MTA
> virtual mail domains, then use Apache virtual web domains and so
> forth. But I wonder if I could get that last bill of shell love.
nope.
you probably don't want to be offering shell acounts anyway....most
customers don't need them, never use them, and if they have dumb
passwords the most likely person to login is some script-kiddie cracking
the account. you definitely don't want to make it easy for them to get a
shell.
> I'm sure there's some hackish way to write a script that, say, looks
> at the form of the username I'm creating, parses it into a username
> and a domain name, and creates the corresponding /home/domain/user
> directory, but I was hoping there was some more professional-grade
> approach.
unix itself doesn't support multiple different users with the same login
name. it doesn't have any concept of domains.
craig
--
craig sanders <cas@taz.net.au> (part time cyborg)
Reply to: