Hi,
I would like to implement support for non-local shell changing in chsh
at the very least, and possibly support for non-local user attributes
in general for the other attribute modification tools in login-utils.
For my purposes I need LDAP support, but it would probably be better
to make it able to use an arbitrary storage backend. Ideally an API
would already exist for this, but while one for setting authentication
tokens has evolved (pam_chauthtok) and one for reading user attributes
(Name Service Switch NSS), but none for setting them as far as I can
tell. As such, I think the best route would be just to make a new API
for this.
I thinks this could be done by adding a new configuration file and
module api. The configuration file would contain information on what
user ids to map to which name attribute changing module (and allow
users to specify only some attributes to go to specific modules). The
module api would consist of a single entry point which would take a
string indicating what attribute to change ("shell", etc.), and the
user id. The function could return any of a set of standard error
codes (permission denied, success, user unknown, etc). chsh would move
all passwd file logic outside of itself and into one of these modules,
and use dlopen/dlsym to load the desired function out of the desired
module.
Should I implement this route and send patches for review, or would
there be some other preferred route to getting the feature into
login-utils?
Thanks,
Cody
--
To unsubscribe from this list: send the line "unsubscribe util-linux" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
