Re: Bug #23053

To: Turbo Fredriksson <turbo@tripnet.se>
Cc: debian-mentors@lists.debian.org, jim@earth.laney.edu
Subject: Re: Bug #23053
From: Jim <jim@laney.edu>
Date: Fri, 05 Jun 1998 09:48:51 -0600
Message-id: <[🔎] 199806051648.JAA24040@earth.laney.edu>
In-reply-to: Your message of "05 Jun 1998 17:01:07 +0200." <[🔎] m0n2brriz0.fsf@stalin.ccw.se>

Turbo wrote:
> What if I do it the '{user|group}add' way when I change the files? (I haven't
> looked into it yet, but...). I prefer not to start doing systemcall's, exec's
> etc, if I can avoid it...

First...

If you need to call another executable (which you _must_ in this case), you
should use exec; you are absolutely right on the money when you say you don't
want to use system. You are asking, pretty much over and over, "can I directly
edit /etc/passwd, shadow, group, etc?" and the reply is "no" :) 

NOW, HAVING SAID THAT...

What if _common_ methods were provided which the shadow passwd suite would 
actually use to do the edits? Make them really robust and REALLY fast, and
make them accessible from perl.

THE POINT BEING:

Since the data structure for login authentication should be allowed to change,
Only One Interface For Changing Them should be provided, so that any interface
ON TOP OF that can be created.

QUESTION TO ALL: Is the shadow passwd suite an acceptable interface for this 
purpose?

Here's my take: I have typically 1,700 students enrolled in the department
for which the lab I control is used. 1,700 students == 1,700 groups. Try adding
that many groups to your system using groupadd and you'll see immediately (no,
not immediately, in about a half hour) why groupadd is not great. Now add the
1,700 students. No problem: newusers is quite fast. Next, add groups, one
per class section. Now, put 1,700 students into those groups; each student 
into each group for his/her class section. Then tell me (an hour later) you
liked that :)

I know that the shadow passwd suite can be compiled to allow the use of db
files instead of text files. Upon presenting this idea on IRC, one of you
(James Troup, I believe) said: nononononononono... if you do that, you can't
edit them by hand.

But: the whole idea behind "ALWAYS use the interface" is "The underlying data
structure should be allowed to change without the need to change every package
that accesses the data structure."

So... can we compile up a suite that's pam-able and installable and switch-
back-and-forth-able which uses db (or dbm or gdbm or whatever) files?

-Jim

--
To UNSUBSCRIBE, email to debian-mentors-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: Bug #23053
  - From: Turbo Fredriksson <turbo@tripnet.se>
- Re: Bug #23053
  - From: James Troup <J.J.Troup@scm.brad.ac.uk>

References:
- Re: Bug #23053
  - From: Turbo Fredriksson <turbo@tripnet.se>

Prev by Date: Re: Bug #23053 (was Re: fix for frozen)
Next by Date: Wrong Architecture
Previous by thread: Re: Bug #23053
Next by thread: Re: Bug #23053
Index(es):
- Date
- Thread