On 08/14/2015 03:40 AM, Dan Egli wrote: > Great article, but one question it leaves me. In the article, they don't > ever use the useradd script. Does useradd ONLY write to /etc/passwd, etc... > ? Or, if the table is formed correctly, can it write to the mysql (or other > xSQL) table? That is an important question for me. Also, how does such > pam_mysql and nss_mysql interface with the quota system? I mean, I know > that the actual fs quota stuff is stored by UID/GID, not username/group > name. But if I set the pam_mysql/nss_mysql stuff up, and do a setquota, > will it accept the username? Answers to these questions, or where I could > find such answers, are most helpful.
Useradd only writes to passwd, shadow, group, etc, and only does so directly. I am not aware of any NSS mechanism for writing this information. It would not be hard to write a script that implements useradd in a mysql context. Although the script would contain mysql credentials, it should be readable and executable to root only (just as /sbin/useradd is). As far as authentication goes, I believe PAM does provide a mechanism for changing passwords. Thus passwd can change passwords via the PAM mechanism, if the pam module you are using supports it. In practice, though, it's often easier to implement password changing some other way. For example in my BYU job, we had a little web page users could go to to change their password. Most of our users were on Windows anyway, so the Unix PAM mechanisms did not apply. /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
