On Tue, 8 Nov 2011, Chuck Swiger wrote:
On Nov 8, 2011, at 3:47 PM, Dan The Man wrote:
In the daily cron "Daily run output" email always get the following:
Verifying group file syntax:
chkgrp: /etc/group: line 3: '@' invalid character
chkgrp expects group names to consist of characters in isalnum().
K so thats a simple fix where it does that check.
Could we modify system to support email addresses as usernames.
Sure, that's why FreeBSD comes with source code.
You can modify anything you like. :-)
However, if you want to use a domain-aware login mechanism, Kerberos is in the base
system, and SASL and LDAP are available in ports. You're not going to break anything
allowing "@" into the list of characters which pw(8) likes, but the flatfile
passwd and group files are not hierarchical the way domain-aware network identity systems
are.
A secondary issue is that there is rarely a one-to-one relationship between
email addresses and users; many email addresses are aliases which expand either
to a different username, or even to multiple users.
Wish you would elaborate abit more here, what I have found is email
addresses tend to make the best usernames, people can remember them :)
They are unique, and you solve 2 problems right away:
a) they can actually remember their username
b) they aren't having to pick through a million different taken usernames
they have to pick on their own, which is frusterating way people often do
signups.
From my testing it works fine, even with "Daily run output" complaining I can
still su to user i added in wheel group.
We'd need to fix ckkgrp source,
adduser source, and making move to:
#define MAXLOGNAME 256 in /usr/src/sys/sys/param.h
You can do that also, but I think you'll break compatibility with NIS/YP.
Well with nss-mysql its as simple as modifying the /etc/nsswitch.conf on
any machine to just point to same db server, works just fine.
You might not care, but don't be surprised if you find that folks aren't
willing to adopt this change back into FreeBSD-- I've seen a few people wanting
to increase MAXLOGNAME since 2003 or so.
I've talked to many sys admins as well, that are all modifying the code to
the kernel for a decade now on every new make buildworld, would be nice to
see it mainstream.
Only issue doing this I have seen so far, is having to nuke the wtmp/utx*
files from /var/log on new installs to get them into new format, but that
would be solved mainstream as well.
I just find the benefits far outweight the cons, sure when we were all
back in our computer science classes in 80s/90s it made sense. We all had
accounts on the system for those 3-4 years, and generic usernames made
sense, but now moving to webhosting environments and providing sftp/ssh
type access to people on a larger scale, I think the email address as
usernames make alot more sense now.
I still teach unix at the university time to time and we still use the old
putty/securecrt to sshd daemon way of learning from the command line, in
that environment I find its about people forgetting passwords, take it up
a notch to webhosting environment, and i find people forget their
usernames to, and why I think it would be a good move...
Dan.
--
Dan The Man
CTO/ Senior System Administrator
Websites, Domains and Everything else
http://www.SunSaturn.com
Email: d...@sunsaturn.com
Regards,
--
-Chuck
_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
