[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: passwd backend operational?
Jorge Amador Arenas Quezada writes:
>> 1.- in some information collected in internet found references about
>> the backend passwd support claiming about not use this module because
>> is not fully implemented (the read only condition is not a problem
>> because i only want to authenticate my users in passwd) ... my first
>> question is ... is operational this module ?
As the slapd-passwd(5) manpage says, "This backend is provided for
demonstration purposes only".
>> May 20 23:03:01 server slapd[6781]: conn=77 op=0 BIND
>> (...)
>> text=operation not supported within naming context
Right. Search is the only operation that backend supports.
Though I suppose it could be useful to update it so it can be used for
authentication. And to add an option which prohibits the "search the
entire passwd file/database", since getpwent() is not reentrant so
other passwd lookups are blocked while it's searching...
On the other hand, I think you can authenticate with passwords from
getpwnam() already: Put
userPassword: {UNIX}username
in an entry, then it'll have that user's password.
>> database passwd
>> (...)
>> directory /var/lib/ldap
>> index objectClass eq,pres
And it does not use "directory" nor indexes, since it does not
maintain any data. It gets its data from getpwent()/getpwnam().
--
Regards,
Hallvard