'Re: [Netatalk-devel] no on-system user accounts with dbd and ldap PAM'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netatalk-devel
Subject:    Re: [Netatalk-devel] no on-system user accounts with dbd and ldap PAM
From:       Ralph_Böhme <rb () netafp ! com>
Date:       2014-09-23 20:06:46
Message-ID: BE430207-5161-4DA2-96A7-C3D7F3B8CDA2 () netafp ! com
[Download RAW message or body]


Am 23.09.2014 um 21:34 schrieb Chris Boot <bootc@bootc.net>:

> On 23/09/2014 20:10, Peter Mellett - MacAce wrote:
>> Hi All,
>> 
>> Sorry in advance, this might be pretty vague and definitely packed to 
>> the brim with "what the...".
>> 
>> I've recently taken over maintaining our netatalk install from an 
>> ex-colleague and we have just made some systems changes to eliminate 
>> user accounts from our linux machines.
>> 
>> 
>> We have netatalk 3.1.6 with a custom linux_get_quota function using 
>> our database quotas table instead of the unix quota program.
>> 
>> 
>> Since we have no linux user accounts, the calls to getpwuid/getpwnam 
>> etc are causing strange behaviour with presenting wrong volumes. I am 
>> attempting to stub out getpw* calls to return a passwd struct with 
>> pre-generated values.
> 
> Hi Pete,
> 
> Sorry, but why on earth would you want to not have any user accounts on
> the server? There are standard mechanisms, nss and PAM, to obtain user
> accounts from LDAP. Using those would save you from having to manually
> hack at all the various software you want to use forevermore, would
> allow you to use standard tools and techniques to manage it all and
> prevent you (and/or your successor) from having a massive maintenance
> burden in the future.
> 
> Look into nslcd/nss-pam-ldapd or sssd. Seriously.

Amen.

Cheerio!
-r

------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
Netatalk-devel mailing list
Netatalk-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/netatalk-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic