X-Recipient: archive-cygwin@delorie.com
X-Spam-Check-By: sourceware.org
Date: Wed, 21 Nov 2007 15:03:54 +0100
From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin@cygwin.com
Subject: Re: NSS and PAM
Message-ID: <20071121140354.GB19750@calimero.vinschen.de>
Reply-To: cygwin@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
References: <1195489105.19922.2.camel@station-1.ad.isillc.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1195489105.19922.2.camel@station-1.ad.isillc.com>
User-Agent: Mutt/1.5.16 (2007-06-09)
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie.com@cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com

On Nov 19 10:18, Jerome Haltom wrote:
> I was wondering what the potential for providing a NSS and PAM
> implementation which used the built in Windows account base by default
> would be.
> 
> Basically it would remove manual generation of /etc/passwd
> and /etc/group. Apps which queryed for these values would just get the
> right things made up on the fly. In my case, this means domain users.
> 
> I'd imagine you would map local users to 'username' and domain users to
> 'DOM\username' or some such, which is basically what Winbind ends up
> doing on Linux.
> 
> Authentication using PAM would simply remove a lot of issues.

And it would generate new issues.  You would never be able to use a
simple user name for a domain user because there's no mapping from a
Cygwin user name to a Windows domain user name.  There would be no place
to store a Cygwin home directory and the user's shell, except you
generate a new file for these mappings.  But then, why not just use
/etc/passwd.  Apart from other problems like having to teach ls to show
more than 8 characters of the user name, there's also the problem of
porting pam to Cygwin.  http://cygwin.com/acronyms/#SHTDI


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/