On Sat, 31 Jul 1999, Alex Zepeda wrote:
> The easiest way I can think of would be to add them to /etc/passwd and set
> their shell and home dir to /nonexistant. Ideally you wouldn't be running
> any other daemons, so there'd be no real way for them to access files; but
> the stock ftpd, as well as sshd offer ways to disable access to specific
> users.
>
> Dealing with "real" users IMO is quite a bit less hackish.
I like the 'keeping it real' idea as well.
Then again, doesn't 3.2R+ support SecureRPC? Isn't this the sort of thing
NIS+ was invented for? A centralized db of users that you can then export
to various machines with differing characteristics? I.e. couldn't you
import the NIS db to your mail box(es) with /nonexistent home directory
and /sbin/nologin shell? Name and password pairs would still exist,
allowing any SMTP/POP3 daemons I know of to work without change.
If NIS sends chills down your spine, I guess you could also do a bit of
non-daemon-based hackage... make a script replace the home directory and
shell fields with appropriate values in a copied passwd and rsync the
thing to your mail boxes...
Then again, SQL seems to be the current buzz... Having SQL-based access
is cool/manageable (a friend generates the MySQL db from his Radius users
file).
As usual, there's more than one way to skin a cat.
Later,
--mike
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
