| 1 |
Yogesh Sharma wrote: |
| 2 |
> On 07:43 A. Khattri wrote: |
| 3 |
> |
| 4 |
>>Incidently, you can use libnss-mysql to avoid having to create an |
| 5 |
>>actual |
| 6 |
>>system account if you need "true" virtual users. |
| 7 |
> |
| 8 |
> |
| 9 |
> |
| 10 |
> Any link to documentation or example for implementing libnss-mysql based |
| 11 |
> virtual users ? |
| 12 |
> Database schema, user name, config file etc. |
| 13 |
> |
| 14 |
It's pretty straightforward. libnss-mysql configuration file takes a SQL |
| 15 |
query for each get*() call, so there are no constraints for the db |
| 16 |
schema. Examples are in /usr/share/doc after installing the package. |
| 17 |
What I haven't figured out yet: Calls to NSS are made in the context of |
| 18 |
the user running e.g. "id", so if you use a socket connection to mysql |
| 19 |
you need to allow *every* user to read from the socket. I haven't |
| 20 |
investigated the implications in terms of security yet. |
| 21 |
|
| 22 |
cheers |
| 23 |
Paul |
| 24 |
-- |
| 25 |
gentoo-server@g.o mailing list |
Archives