On Tuesday 11 May 2004 19:19, Panu Matilainen wrote: > I wrote a "pam_cache" module as an quick experiment a couple of years > ago which grabs the essential user+auth information from LDAP when you > login while connected to the network, rewrites the info to /etc/passwd & > friends and thus keeps the accounts more-or-less in sync. It sorta > worked but boy it was ugly :) doesn't sound too bad but I think it shouldn't change /etc/passwd but some /var/cache/pam or the like And it should have some timeout (which of course only makes sense, if the hardware clock cannot be changed by the regular user) > PADL has started some work towards this: > http://www.padl.com/OSS/pam_ccreds.html and > http://www.padl.com/OSS/nss_updatedb.html > However the way it currently works is that it dumps the whole contents > of user and group information from a directory to the local disk, which > isn't really acceptable with tens of thousands of users and groups... that sounds *really* ugly -- http://LinuxWiki.org/RonnyBuchmann
