Joe, I had the same reqirements, and I am currently combining pam_mysql with nss-mysql. pam_mysql is, of course, used for authentication, while nss-mysql is used to retrieve all of the information that would otherwise be inside the passwd and group files (I disabled the shadow lookup for nss-mysql). After configuring and testing this combination and finding no problems, I ended up deploying it on a production server where, so far, it has proven itself to be both reliable and stable. One word of advice if you decide to go in this direction: don't put system accounts (generally, UIDs below 500) into the MySQL database. Or, rather, configure nss-mysql such that the flat files are searched for account information before the database, otherwise you might end up locking yourself out. So, my current setup has system account credentials in the typical passwd and group files, while all user accounts live within a MySQL database. Hope that helps. Regards, Michael On Sun, 22 Jun 2003 joe@xxxxxxxxx wrote: |> I am trying to implement a system that doesn't require an /etc/passwd, |> plus Winblows systems can authenticate against the system. The |> authentication mechanism uses pam_mysql, which is fine and dandy, but that |> falls back to the /etc/passwd file for things like uid,gid,shell and home. |> |> Now, I want the option of putting that information in a database, and |> working off the database. Is there a method that I would use to set the |> home directory/shell? I can probably get away with setuid and setgid for |> the ID's, but am unfamiliar with the other methods (especially since all |> the examples I find say "the list says I shouldn't do this" and don't |> provide an example, and the actual developers guide says absolutely |> nothing about it either). |> |> Joe |> |> |> _______________________________________________ |> |> Pam-list@xxxxxxxxxx |> https://www.redhat.com/mailman/listinfo/pam-list |> -- /* BEGIN SIG * * "Afraid of change, afraid of staying the same, * when temptation calls, we just look away." * - Barenaked Ladies * * "He started writing in mirror writing, 'Help! I'm * trapped behind the world.'" * - New York State Journal of Medicine * *----------------------------- * Michael Chang * miranda@xxxxxxxxxx * http://www.syndetic.org/ */ _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
