[Ibsh-devel] extending ibsh with auth by db
Brought to you by:
nagyat
Menu
▾
▴
[Ibsh-devel] extending ibsh with auth by db
|
From: stazzz <st...@al...> - 2005-03-30 20:50:41
|
Hello there, let's use the list for discussing the idea that came tonight. This is a sum-up of the thoughts we had on the freenode channel. Extending the authentification with databases - hacked login program, that receives connection requests (user+pass), and looks into the classical /etc/passwd, and if it's not ok, it falls back on checking into a database. If the user+pass matches, it will spawn a new process, set*uid it to nobody (configurable?) and spawn an ibsh into it, giving this ibsh the user's records (user name, homedir, ...(?)) - this login program would be configured by a login.conf, giving the information of the account to be used to look in the database, the database IP. The name of the table to be looked up would be set in this .conf too, and the attribute names would be fixed, the same as the /etc/passwd entries. - this login program may accept to connect to different kind of databases (mysql, postgresql, oracle, ...), by the mean of flags given at compile time ime triggering some #ifdef MYSQL in the code. - if compiled with a USERRECORDCOMESFROMLOGIN flag, ibsh would accept arguments telling him the user information, and so it won't use the getpw functions to retrieve them. Whether the user authed with the /etc/passwd or the database, the login program will have to give ibsh all the info of the user ! Still to be discussed on and corrected... |
