centralized auth and nsswitch.conf
Richard Coleman
richardcoleman at mindspring.com
Wed Jul 23 16:10:20 PDT 2003
It's a little in the cycle for this question, but I thought I would ask.
One thing I hope that DragonflyBSD will have is some method to do
centralized authentication. I know Matt has said that he dislikes PAM
(I'm not fond of it myself). Since I've primarily worked for service
providers, I've encountered this problem often. Other than Solaris and
(oddly enough) Windows, most operating systems suck in this regard.
One simple way to achieve this is to support nsswitch.conf and have LDAP
support as one of the available switches. This essentially gives you a
clone of NIS. I've always wondered why more systems don't support this
option, since it's essentially what nsswitch.conf was devised for in the
first place.
As a by-product of this, client libraries for LDAP would need to be part
of the base system. I think this is a good thing, since better
integration to directory systems would be very useful.
Richard Coleman
More information about the Kernel
mailing list