Using MySQL as user database
Hi!
I am thinking about using mysql for administering my user database, as it
will probably be quite large (expected round 10000 users).
I thought about the following ways to do this:
1) using normal passwd/shadow files, dumped regularly from mysql
I encountered the following difficulties with this approach:
a) I do not want to store clear passwords anywhere, so
b) I would have to encrypt the user passwords "manually" when adding
a user to the database
2) patching shadow so that it can use mysql for authentication
I think there are even more problems with this approach, because
not only shadow uses the passwd/shadow database, but the whole libc
does, and I'm not sure if all my programs that need user information
use the getpwent() function of the C library...
So my question is:
Has anyone done something like this before?
What do you think is the best approach?
I thought about writing a script that
*) creates the user in the system with a random password that is of
course sent to the printer immediately (well, at least the user
should know his/her password) with all the other account info,
*) creates the user in the MySQL database with no password information,
but details such as account status (active, hold, delete),
and a cron job that
*) updates the password database regularly, that is, removes users
from the database or puts a * into the passwd file according to the
user status in the SQL database
I would greatly appreciate any suggestions on this topic!
Thanks in advance for your help...
Alex
--------------------------------------------------------------------------
"Nobody will ever need more than 640k RAM!"
-- Bill Gates, 1981
"Windows 95 needs at least 8 MB RAM."
-- Bill Gates, 1996
"Nobody will ever need Windows 95."
-- logical conclusion
**************************************************************************
Alexander List @ HTU Graz, Rechbauerstr. 12, A-8010 Graz
Tel: +43-316-873-5111 Fax: +43-316-873-5115
mailto:alexlist@sbox.tu-graz.ac.at
http://www.sbox.tu-graz.ac.at/home/alexlist
PGP public key available via WWW or on request
--------------------------------------------------------------------------
Reply to: