[prev in list] [next in list] [prev in thread] [next in thread]
List: busybox
Subject: Re: Name Service Switch (NSS) for LDAP user authentication -
From: Rob Landley <rob () landley ! net>
Date: 2006-01-27 19:27:37
Message-ID: 200601271327.37269.rob () landley ! net
[Download RAW message or body]
On Friday 27 January 2006 01:46, Tomasz Chmielewski wrote:
> Rob Landley schrieb:
> > On Thursday 26 January 2006 09:08, Tomasz Chmielewski wrote:
> >>Hello,
> >>
> >>
> >>As far as I understand, to do this, one needs Name Service Switch.
> >
> > Which is part of your c library and we don't mess with it. As long as
> > getpwnam() and friends feed us that data we need, we're pretty happy.
> >
> >>What steps do I have to take to add Name Service Switch to a
> >>busybox-based distribution, so that the system could get the users and
> >>groups from an LDAP server?
> >
> > 1) Configure your libc to provide it. I know glibc can, but I doubt the
> > uClibc guys would ever actually want to. (The horror that is pam is
> > probably involved.)
>
> So I'm in trouble, as I use uClibc?
Dunno. Ask the uclibc guys.
> > 2) Tell busybox not to use its internal passwd functions.
> > (CONFIG_USE_BB_PWD_GRP should be off).
>
> But how can that help me fetch the credentials from LDAP?
Your C library should do it for you once you've configured it to. Disabling
the internal busybox password functions means using the ones out of the C
library. Ours are smaller, but not designed to be extended by things like
Pluggable Authentication Modules (pam).
You know, /etc/nsswitch.conf and all that?
Rob
--
Steve Ballmer: Innovation! Inigo Montoya: You keep using that word.
I do not think it means what you think it means.
_______________________________________________
busybox mailing list
busybox@busybox.net
http://busybox.net/cgi-bin/mailman/listinfo/busybox
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic