[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: systematic Kerberization
- From: Ronny Buchmann <ronny-vlug vlugnet org>
- To: Development discussions related to Fedora Core <fedora-devel-list redhat com>
- Subject: Re: systematic Kerberization
- Date: Tue, 11 May 2004 22:54:26 +0200
On Tuesday 11 May 2004 19:19, Panu Matilainen wrote:
> I wrote a "pam_cache" module as an quick experiment a couple of years
> ago which grabs the essential user+auth information from LDAP when you
> login while connected to the network, rewrites the info to /etc/passwd &
> friends and thus keeps the accounts more-or-less in sync. It sorta
> worked but boy it was ugly :)
doesn't sound too bad
but I think it shouldn't change /etc/passwd but some /var/cache/pam or the
like
And it should have some timeout (which of course only makes sense, if the
hardware clock cannot be changed by the regular user)
> PADL has started some work towards this:
> http://www.padl.com/OSS/pam_ccreds.html and
> http://www.padl.com/OSS/nss_updatedb.html
> However the way it currently works is that it dumps the whole contents
> of user and group information from a directory to the local disk, which
> isn't really acceptable with tens of thousands of users and groups...
that sounds *really* ugly
--
http://LinuxWiki.org/RonnyBuchmann
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]