> It looks like we've got some good concurrent projects happening at the > moment - markm and co working on PAM, the nsswitch.conf project you're > talking about, and the stuff I'm working on with modularizing crypt() and > supporting per-login class password hashes (I've rewritten the library > since I last posted about it and expect to have my code cleaned up by > tomorrow night for another snapshot). > > The thing to make sure is that we don't tread on each other's toes, and > basically that we look for the big picture and how all these projects fit > together. >
Ok, this is my understanding of the thing: There are two parts to the problem, first we need a way to tell the system where to get its information from (call them databases, tables or whatever). This should be done a la solaris, with /etc/nsswitch.conf telling if this is to be fetched from "files, ldap, nis, dns, etc". We need to recode all the programs that obtain this info directly from files to get it from a library (this would be nsd). And then code the library itself to get the info from /etc/nsswitch.conf Second, we need a way to authenticate the user... this is what PAM does. What would need to be done is change the pam modules to make them nsd aware (i.e. where should I get the passwd from?) or make them /etc/auth.conf aware? this is the confusing part... where does crypt fit into this? crypt would get what from /etc/login.conf? regards, -Oscar -- For PGP Public Key: finger oboni...@fisicc-ufm.edu To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-hackers" in the body of the message
