Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 12 Aug 2012 13:27:31 -0400
From: Rich Felker <>
Subject: Re: Design for extensible passwd[/shadow?] db support

On Sun, Aug 12, 2012 at 11:16:28AM -0400, Jeremy Huntwork wrote:
> On Sunday, August 12, 2012 at 1:38 AM, Rich Felker wrote:
> > Any thought on the pros and cons of these or other appraches?
> > 
> This sounds like it should be a feature of the whole 'new platform'
> suggestion you made on this list earlier, which I'd still like to
> see gain some traction and definition.

Yes and no. I think most users of our 'new platform' for non-server
purposes would typically have 1-2 non-root users and thus no need for
fancy user lookups. This sort of thing is needed for university and
corporate use where you might easily have 10k-100k users and want to
unify the user database (username/uid mappings) across all systems in
your institution.

> If it is a locally running daemon that resolves queries to some
> specified format - what would be the fallback in case that daemon is

getpwnam/getpwuid would simply fail. This is not unlike what happens
when the NIS server is not reachable anyway. It could of course still
scan /etc/passwd first, which would get users like nobody/daemon/etc.

> not running or fails to launch?

"Not running" and "fails to launch" don't make sense as separate cases
unless you're thinking of some FDO-style monstrosity where daemons are
launched as users lazily the first time they're needed. I'm not
considering code to auto-launch daemons, just using a daemon that the
admin would be responsible for starting if using this kind of setup.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.