On Mon, Apr 28, 2014 at 11:52:20AM -0400, Simo Sorce wrote: > On Mon, 2014-04-28 at 15:32 +0000, Colin Walters wrote: > > On Fri, Apr 11, 2014 at 2:33 AM, Colin Walters <walt...@verbum.org> > > wrote: > > > For the fedora-atomic work, the only not-in-Fedora package is > > > shadow-utils because it requires a patch, that still lives in my > > > walters/rpm-ostree COPR. > > > > I attempted to capture some of this discussion here: > > https://bugzilla.gnome.org/show_bug.cgi?id=729118 > > > > If anyone has more thoughts/ideas please feel free to follow up here, > > and I can update the bug, or comment on the bug directly. > > I am still not convinced it is a good idea to split passwd in multiple > files, besides potentially affecting applications and backup tools and > custom scripts. > - How do you deal with conflicts ? > - What happen when an admin legitimately just use vipw and adds a system > user in /etc/passwd instead of one of the other 2 you mention ? > - How do you propose to resolve users from multiple files ? > - Are you going to introduce new nss modules ? > - Are you going to change pam_unix to lookup from all there files in > different ways ?
Risking being totally offtopic, but would TCB solve all most of this issues? www.openwall.com/tcb/ or http://www.openwall.com/presentations/Owl/mgp00020.html It splits passwd into per-user files. It was discussed here few years ago: https://lists.fedoraproject.org/pipermail/devel/2006-August/089224.html Maybe it's time to revisit? -- Tomasz Torcz Morality must always be based on practicality. xmpp: zdzich...@chrome.pl -- Baron Vladimir Harkonnen -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
