On Thu, Sep 02, 1999 at 10:43:24AM +1000, Hugh Irvine wrote:
> > manage our users, simply by making them members (or not) or certain
> > groups. However, I now have a problem: If a user has the primary group
> > "email", radiator does not use it, and auths them with the second entry.
> > However, if I now put the username into the /etc/group file with group
> > "email", it works OK. This becomes a problem because I have more than
> > 1000 users, and the entries in the /etc/group file are limited to a
> > certain length. Is this a failing in Radiator, or am I doing something
> > wrong?
>
> You aren't doing anything wrong - Section 13.1 of the Radiator 2.14.1 reference
> manual explicitly states that the Group check item will check the UNIX
> /etc/group file. I think you will have to do something different - possibly
> have two separate users files corresponding to your two groups.
>
You might also want to look at some of the other Auth modules, as AuthUNIX
is only traditional non-shadow /etc/passwd. AuthPAM or AuthSYSTEM.
A brutal hack on AuthUNIX will also work, here's what I did to mine:
---
# return defined $group_of_last_user_found
# && $self->{GroupsToGID}{$group} == $group_of_last_user_found;
my $grouptest = grep { $_ eq $user } split(/,/, $self->{Groups}{$group});
# getpwnam is not supported on Win95
if ($grouptest == 0 && $^O ne 'MSWin32')
{
my @userarray = getpwnam($user);
my @grouparray = getgrgid($userarray[3]);
$grouptest = 1
if ($grouparray[0] eq $group);
}
return $grouptest;
}
1;
---
The only problem here is that access to the /etc/passwd will be uncached and
you could encounter performance issues if your /etc/passwd changes a lot.
[EMAIL PROTECTED]
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
