Date: Mon, 17 Feb 2020 14:14:32 +0300
From: Anthony Pankov
Message-ID: <661730512.20200217141432@mail.ru>
To: FreeBSD Hackers
Subject: is there a future for user accounting (getpw* replacement)

Greetings,

I'm wondering, does anybody have any thoughts about user accounting provided at the system level?

It seems that getpw* doesn't suit the needs of application services. All applications have some external/internal mechanism for storing and retrieving user properties (settings, roles, etc.). Furthermore, they implement their own security policy based on this mechanism. Mostly it is done via an LDAP connection or an internal store (as for a database).

It seems that all application developers would be happier if the OS had a few functions to do things such as:
- list users of some type;
- get user properties specific to application;
- get user roles specific to application
- ?

Does anybody have thoughts about what the OS must provide to keep application consistency and make developers happier?

--
Best regards,
Anthony Pankov mailto:ap00@mail.ru