On 27/11/10 15:20, Bret S. Lambert wrote:
On Sat, Nov 27, 2010 at 02:51:02PM +0200, Kapetanakis Giannis wrote:
Looking around getpwent(3) I think it might be possible to extent
it's functionality to include ldap support as well. Furthermore
ypldap's functions (aldap ...) could be used for this (just the
bind/search part).
Does this make any sense or am I missing something vital here?
Yes. ypldap allows you to get the user information without
mucking with the libc user bits at all. You could use the
same thing to get ypradius, ypmsyql, ypguynamedjim, etc, none
of which would require hacking support for the specific backend
into the c library.
You are right on this, but as I look it there are only 3 ways to do such
thing:
a) you implement functionality for databases (passwd, nis, ldap etc) in
libc. Not the best solution but it is allready done for nis. Why not for
ldap as well since nis is dead anyway (compared to ldap at least). The
problem here is to include ldap calls inside libc (no openldap) so this
could be messy and you could introduce risks as well.
b) you implement a layer in libc (fooNSS) which does all the dirty work
to contact those databases.
c) Since NIS is in libc you can use ypldap to do NSS job but I think YP
was not made to do NSS, so it's still a working but an ugly hack.
I would prefer (b) solution but this seems a lot harder to do (at least
for me) than (a).
Giannis
