Date: Mon, 19 Jul 1999 16:18:06 -0400 From: "David E. Cross" <crossd@cs.rpi.edu> To: Jason Thorpe <thorpej@nas.nasa.gov> Cc: Dominic Mitchell <Dom.Mitchell@palmerharvey.co.uk>, "David E. Cross" <crossd@cs.rpi.edu>, Oscar Bonilla <obonilla@fisicc-ufm.edu>, freebsd-hackers@FreeBSD.ORG, crossd@cs.rpi.edu Subject: Re: PAM & LDAP in FreeBSD, and userfs too. Message-ID: <199907192018.QAA13279@cs.rpi.edu> In-Reply-To: Message from Jason Thorpe <thorpej@nas.nasa.gov> of "Mon, 19 Jul 1999 12:55:19 PDT." <199907191955.MAA13308@lestat.nas.nasa.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
> > Lovely. Sounds like a much better way to do the Solaris/Linux (and > > NetBSD?) /etc/nsswitch.conf stuff. On Solaris at least, this is > > implemented using masses of weird shared objects... > >The plan for NetBSD is that things will also be handled with dynamic >modules, but those dynamic modules will be glued into a `nscd'[*] (if you >use Solaris, you're familiar with the name :-). > >[*] We are planning on not having all of the problems that the Solaris >nscd has, and that people often complain about. > >This will allow libc to simply make a call to nscd (or fallback onto >traditional `files' lookup), and nscd will handle all but the `files' >case. This allows system-wide caching, and puts all of the complexity >in one place. > >Involving one or more user mode file systems seems like ... the wrong >approach for a name service switch. Tomato, Tomatoe. The difference between the 2 methods is in their interaction with the database itself. You will be providing a socket-ish interface to the cache, my plan is for a filesystem interface, heck it could probably do both. I personally prefer the FS approach in dealing with both on Solaris and Irix. What Irix does well, Irix does very well. The FS method also allows more complex permission checking on access to various databases, like shadow, because the node in a directory had the added granularity of being group readable. It also gives you the flexibility of the shell, or a web-browser, to get at the data. Another idea I had considered was placing something ala 'rc.conf' into a database to allow easy distribution throughout many computers (this would obviously be configuration later in the boot process). Having a FS style interface makes it much easier for programs to get at the data in a clear, consistent manor. These are just my ramblinngs, and it seems we are quickly converging on the same basic idea with slightly different (but perhaps compatible) implementations. -- David Cross | email: crossd@cs.rpi.edu Systems Administrator/Research Programmer | Web: http://www.cs.rpi.edu/~crossd Rensselaer Polytechnic Institute, | Ph: 518.276.2860 Department of Computer Science | Fax: 518.276.4033 I speak only for myself. | WinNT:Linux::Linux:FreeBSD To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199907192018.QAA13279>