> > > Is it feasibly possible to remove all user account authentication from the > > shadow file system and put it into LDAP or authenticate against MySQL using > > say PAM. > > I imagine so. > > > Would that not make user and permission handling =much= easier? > > You'd have to explain why you think that. I think that it would be pretty > close to equivalent.
Just thinking. :) If one could have all groups and users in a database with constraints and referential checking of whatever "company policy" one may have on project access for users. I am thinking of enforcement of use cases and the ability to perform audits and what not. I have a feeling that SQL and php =could= be easier to work with than shell scripts. Or does this equate to a reduction in sophistication? I have just written a long algorithm for the creation of user accounts, file spaces, ftp only accounts with chroot'd filespaces, GID's and sticky bits for our client projects we host (on RH71). There is a lot of cmoding this, chgrping that and creating this.......order of operation.... I thought to myself - could this be done (managed) in an easier fashion? That is also portable from system to system? From vanilla RH to Mitel SME, etc. Or have some type of inheritance from a SME server to our vanilla RH boxes? I take it that the scripts Mitel use have been fairly well battle tested now? Should I focus my energies more on adaptation of those as opposed to wandering off on some other tangent? Cheers, Richard. -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
