On August 14, 2015, Michael Torrie wrote: > Useradd only writes to passwd, shadow, groups, etc, and only does so
> directly. That's what I figured. Thanks for the tips. I already wound up writing a set of scripts to emulate useradd/userdel. Now to figure out how to tie smbpasswd in to the pam/nss sequence, so smbpasswd -a doesn't complain when the user isn't in /etc/passwd. :) --- Dan On Fri, Aug 14, 2015 at 4:55 AM, Michael Torrie <[email protected]> wrote: > On 08/14/2015 03:40 AM, Dan Egli wrote: > > Great article, but one question it leaves me. In the article, they don't > > ever use the useradd script. Does useradd ONLY write to /etc/passwd, > etc... > > ? Or, if the table is formed correctly, can it write to the mysql (or > other > > xSQL) table? That is an important question for me. Also, how does such > > pam_mysql and nss_mysql interface with the quota system? I mean, I know > > that the actual fs quota stuff is stored by UID/GID, not username/group > > name. But if I set the pam_mysql/nss_mysql stuff up, and do a setquota, > > will it accept the username? Answers to these questions, or where I could > > find such answers, are most helpful. > > Useradd only writes to passwd, shadow, group, etc, and only does so > directly. I am not aware of any NSS mechanism for writing this > information. It would not be hard to write a script that implements > useradd in a mysql context. Although the script would contain mysql > credentials, it should be readable and executable to root only (just as > /sbin/useradd is). > > As far as authentication goes, I believe PAM does provide a mechanism > for changing passwords. Thus passwd can change passwords via the PAM > mechanism, if the pam module you are using supports it. In practice, > though, it's often easier to implement password changing some other way. > For example in my BYU job, we had a little web page users could go to to > change their password. Most of our users were on Windows anyway, so the > Unix PAM mechanisms did not apply. > > > /* > PLUG: http://plug.org, #utah on irc.freenode.net > Unsubscribe: http://plug.org/mailman/options/plug > Don't fear the penguin. > */ > /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
