From owner-freebsd-isp Mon Nov 4 09:22:37 1996 Return-Path: owner-isp Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id JAA04495 for isp-outgoing; Mon, 4 Nov 1996 09:22:37 -0800 (PST) Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.109.160]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id JAA04468; Mon, 4 Nov 1996 09:22:13 -0800 (PST) Received: (from jgreco@localhost) by brasil.moneng.mei.com (8.7.Beta.1/8.7.Beta.1) id KAA05213; Mon, 4 Nov 1996 10:47:44 -0600 From: Joe Greco Message-Id: <199611041647.KAA05213@brasil.moneng.mei.com> Subject: Re: pppgetty To: luigi@labinfo.iet.unipi.it (Luigi Rizzo) Date: Mon, 4 Nov 1996 10:47:44 -0600 (CST) Cc: jgreco@brasil.moneng.mei.com, jkh@time.cdrom.com, hackers@FreeBSD.ORG, isp@FreeBSD.ORG In-Reply-To: <199611041556.QAA02631@labinfo.iet.unipi.it> from "Luigi Rizzo" at Nov 4, 96 04:56:34 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > > Jordan, > > > > I am not particularly thrilled about the idea of modems on the same box > > as interactive logins, as it can be a security risk (think of what could > ... > > that ran on the 386DX/25 :-) A modified getty and login presents a > > "normal" banner and login: prompt and then waits for input. A central > > server is then contacted, and returns a reply based on local policy as > > to what to do with the user (local login, remote login, etc)... all > > very transparently. > > is this something similar to what mgetty does ? It has a > "login.config" file which can take the appropriate decision basing on > login name (not real Regular Expressions are supported, but that > shouldn't be too hard). > > Maybe your stuff is more flexible, though. My stuff wants to rely on a central server, which traditionally for Solaria was very trivial (kicked off by inetd): /* * nlrd - the Network Login Router query daemon * * (c) 1993, 1994 by sol.net Network Services and Joe Greco * All rights reserved. */ #include #include #include #define NLRTAB "/usr/local/etc/nlrtab" #define NLRDEFAULT "solaria.sol.net" int crstrip(c) char *c; { register char *ptr; if (ptr = rindex(c, '\n')) { *ptr = '\0'; } if (ptr = rindex(c, '\r')) { *ptr = '\0'; } return(0); } int main() { char userbuf[80]; char usernm[256]; char hostnm[256]; struct passwd *passent; FILE *nlrtabfp; fgets(userbuf, sizeof(userbuf), stdin); crstrip(userbuf); if (nlrtabfp = fopen(NLRTAB, "r")) { while (! feof(nlrtabfp)) { fscanf(nlrtabfp, "%s %s", usernm, hostnm); if (! feof(nlrtabfp)) { if (! strcmp(usernm, userbuf)) { printf("%s\n", hostnm); exit(0); } } } fclose(nlrtabfp); } if (! (passent = getpwnam(userbuf))) { printf("-\n"); } else { printf("%s\n", NLRDEFAULT); } exit(0); } Yo, can you say "simple code"? I knew you could :-) (The code may not compile as I hacked out some #ifdef's and Solaria- specific code - but you see the idea) Since decision making is bubbled up to this level, there is nothing preventing you from adding a if (*userbuf == 'P') { printf("+\n"); exit(0); } after the crstrip(userbuf)... or any of many other possible changes. The "nlrtab" file was meant as an exceptions/override list, but out here at MEI I wrote a script to take the automounter's "auto.home" file and parse it up such that there is an entry for each engineer pointing to that engineer's desktop workstation. Works like a champ. Since I have not looked at mgetty, I can not say for sure what it does, but there is nothing that would prevent "nlrd" from being made into a gizmo that read out of a more generalized configuration file, and took action appropriately. RADIUS is essentially a much more complex, featureful, "do it all" version of my NLR system. I prefer simplicity sometimes. :-) ... JG