Duke wrote:
Anywho, I'm just curious how pam handles groups. I wanted to store
group information in a pgsql database as well. For example, if I login
as a user whose login info is all stored in a database (including group
info), when I type "ls" in a shell, how is the information retrieved
that associates user ID and group ID with their names? Is all that info
retrieved by pam_login?
No. Looking up a user or group ID occurs using the built in system calls
getpwent(), or libnss. It is not handled by PAM. I had it stored in a
MySQL database, so it is possible. You just need the proper tools.
But then what about a user whose login info is not stored in a db? Like
root - if I'm logged in as root and am listing files whose uid/gid are
stored in a database, how are their names retrieved?
In the same fashion. nss uses different methods for looking details up
(such as home). These can be files, nis, etc., or specialized drivers
such as pgsql or MySQL. PAM is short for Pluggable Authentication
Modules and only handles the authentication (logging in) of users.
What I'm going to eventually have is a system using a combination of
unix login (/etc/[passwd,group]) and a postgresql database. Anyone else
using combined login storage systems?
It becomes very easy using PAM (for the Authentication side of things)
and libNSS (for the account properties side of things).
Thanks!
No problem.
Thcau!
Joe
_______________________________________________
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
