[OpenAFS] libnss-ptdb
FB
fbo2@gmx.net
Sun, 1 Apr 2007 21:03:05 +0200
Hi,
On Sun, Apr 01, 2007 at 09:56:24AM -0700, Adam Megacz wrote:
[snip]
> I see. I think nscd would achieve the same effect...
Not really. It would still mean, having to wait for missing DB-servers to be
marked offline - for each process.
> Also, while I'm hacking on this, two more questions:
>
> 1. Does it make sense to map AFS group ids (with the sign reversed)
> onto GIDs?
Most likely no.
> 2. Previous suggestions about shells involved putting users into
> groups named after shells, such as
>
> pts add adam shell:bash
>
> But it seems that this wouldn't allow users to manage their own
> shells since shell:bash would belong to some administrative user.
> What about an alternative, where users would create a group
> "username:shell.bash"?
>
> pts cg adam:shell.bash
Hmm... Where does the 'groupname'->'shell-binary' map come from?
When I started using AFS I despaired of Kerberos. My boss suggested, simply
to put a passwd-file into the AFS-filespace :-) . Not a really good idea for
authentication but maybe for a user-shell-map. Changing the shell could be
accomplished by some web-interface and a script, updating this file once an
hour.
> Davor Ocelic also had a neat suggestion about giving human-readable
> names to PAG groups.
Do you have some pointer for that?
Regards,
Frank