Hello!
I am quite new to Coda and now I am investigating the possibility of
implementing "sign-once system" with Coda+Kerberos on Linux worksattions.
First I want to thank for "Kerberos & Coda - Setup Instructions?" topic
(from Jan Harkes, Ivan Popov, Jorge-Lean) - it was of great help to me
after a week of trying to make Coda to work along with Kerberos.
The point is : so now we have all authentications done in one place (in
Kerberos). But still we need two user/uid database (first one intrinsic
to Coda and another in realm-wide user database), in other words - the
authorization still needs to be done differently. Suppose this "another"
(realm-wide) database is implemented wthrough ns-switch with hesiod
backend (or any other backend - nis,ldap and friends). So we still have
to keep on synch-ing coda users' database with NSS-one. Wouldn't it be
possible to make Coda to get its users through ns-switch (instead of
"pdbtool" one)?
This would have one more side-effect. While I was trying (the "feedback
from joeuser" case) to setup coda on my home workstation, it takes me
quite a long time to learn that the default password for "admin" Coda
user is "changeme". Wouldn't it be better in default case to have Coda
to read its users from /etc/passwd - /etc/shadow files (while keeping in
mind that lately it can be changed) to make things somethat easier to
newcomer?
Thank you in advance.
- Sign-once system on Coda+Kerberos M.Kondrin
- Re: Sign-once system on Coda+Kerberos Greg Troxel
- Re: Sign-once system on Coda+Kerberos Ivan Popov
- Re: Sign-once system on Coda+Kerberos Troy Benjegerdes
- Re: Sign-once system on Coda+Kerberos Ivan Popov
- Re: Sign-once system on Coda+Kerberos M.Kondrin
