With that many users, wouldn't it be best to just authenticate everything
directly from the database? You've probably on got a handful of things
that people need to be authenticated for way...
dialup
incoming/outgoing mail
ftp
Then, only those who really NEED shell access need be in the passwd/shadow
files.
Eric Calvert
Caveland Connection
http://www.caveland.net
-----Original Message-----
From: Alexander List <[EMAIL PROTECTED]>
To: debian-user@lists.debian.org <debian-user@lists.debian.org>
Cc: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Thursday, September 17, 1998 11:19 AM
Subject: Using MySQL as user database
>Hi!
>
>I am thinking about using mysql for administering my user database, as it
>will probably be quite large (expected round 10000 users).
>
>I thought about the following ways to do this:
>
>1) using normal passwd/shadow files, dumped regularly from mysql
>
> I encountered the following difficulties with this approach:
>
> a) I do not want to store clear passwords anywhere, so
> b) I would have to encrypt the user passwords "manually" when adding
> a user to the database
>
>2) patching shadow so that it can use mysql for authentication
>
> I think there are even more problems with this approach, because
> not only shadow uses the passwd/shadow database, but the whole libc
> does, and I'm not sure if all my programs that need user information
> use the getpwent() function of the C library...
>
>So my question is:
>
> Has anyone done something like this before?
>
> What do you think is the best approach?
>
> I thought about writing a script that
>
> *) creates the user in the system with a random password that is of
> course sent to the printer immediately (well, at least the user
> should know his/her password) with all the other account info,
> *) creates the user in the MySQL database with no password information,
> but details such as account status (active, hold, delete),
>
> and a cron job that
>
> *) updates the password database regularly, that is, removes users
> from the database or puts a * into the passwd file according to the
> user status in the SQL database
>
>I would greatly appreciate any suggestions on this topic!
>
>Thanks in advance for your help...
>
>Alex
>--------------------------------------------------------------------------
>"Nobody will ever need more than 640k RAM!"
> -- Bill Gates, 1981
>"Windows 95 needs at least 8 MB RAM."
> -- Bill Gates, 1996
>"Nobody will ever need Windows 95."
> -- logical conclusion
>
>**************************************************************************
>
>Alexander List @ HTU Graz, Rechbauerstr. 12, A-8010 Graz
>Tel: +43-316-873-5111 Fax: +43-316-873-5115
>
>mailto:[EMAIL PROTECTED]
>http://www.sbox.tu-graz.ac.at/home/alexlist
>
>PGP public key available via WWW or on request
>--------------------------------------------------------------------------
>
>
>
