Re: Bug #23053
Jim <jim@laney.edu> writes:
> First...
>
> If you need to call another executable (which you _must_ in this case), you
> should use exec; you are absolutely right on the money when you say you don't
> want to use system. You are asking, pretty much over and over, "can I directly
> edit /etc/passwd, shadow, group, etc?" and the reply is "no" :)
Yes... I understand why now, sorry about all this...
> NOW, HAVING SAID THAT...
>
> What if _common_ methods were provided which the shadow passwd suite would
> actually use to do the edits? Make them really robust and REALLY fast, and
> make them accessible from perl.
I have had time to think about mine and James points during the weekend, and
I have now a little more understanding of the problem, and my own underlying
points... One's that I had not fully clear to me at the time (Friday).
This is what my code manage, which useradd does not:
1. Sort passwd/shadow/group (in {user|group}{name|ID} order).
2. Keep NIS entry last.
3. Change NIS entries (in NIS database).
Point 1 might not seem important, but if you, like me, have _ALLOT_ of users,
it's a quite relevant issue... (at least to me), it makes the whole file[s]
more readable and understandable (read Jim's note about the 1700 users...
been there...)
Point 3 is what I consider the most important, and which bugs me the most...
every f-n time I add/remove/change the passwd/shadow/group file I have to do
a make in /var/yp... (and usually I forget, with some grief to the user...)
How about making a library for these functions, which {user|group}add (and
my program, via perl) can use _INSTEAD_ of having them hard coded in useradd?
IE. _MOVE_ the functions into a {dynamic|static} library, which belong to
the passwd package, which is used by any program that want to access
the user/group database's...
That way all can be happy... (and I don't have to do a _MAJOR_ rewrite of
xAdmin... :)
> THE POINT BEING:
>
> Since the data structure for login authentication should be allowed to change,
> Only One Interface For Changing Them should be provided, so that any interface
> ON TOP OF that can be created.
Two set of libraries, passwd-lib, passwd-pam-lib (and perhaps passwd-md5-lib).
This lib can then be used by xlock/xdm et all (pam'able).
> I know that the shadow passwd suite can be compiled to allow the use of db
> files instead of text files. Upon presenting this idea on IRC, one of you
> (James Troup, I believe) said: nononononononono... if you do that, you can't
> edit them by hand.
A third library, 'passwd-[g]dbm-lib'.
--
---------------------------------------------------------------------
___________ Debian GNU/Linux Unix _IS_ user friendly - it's just
___ /___(_)__________ _____ __ selective about who its friends are
__ / __ /__ __ \ / / /_ |/_/
_ /___ / _ / / / /_/ /__> < Turbo Fredriksson Tel: +46-704-697645
/_____/_/ /_/ /_/\__,_/ /_/|_| S-415 10 Göteborg turbo@tripnet.se
PGP#788CD1A9 SWEDEN www5.tripnet.se/~turbo
------- PGP: B7 92 93 0E 06 94 D6 22 98 1F 0B 5B FE 33 A1 0B ------
--
FSF smuggle NSA strategic radar colonel South Africa assassination FBI
North Korea World Trade Center Legion of Doom Albanian Delta Force
Serbian
--
To UNSUBSCRIBE, email to debian-mentors-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: