Date: Fri, 9 Sep 2016 23:28:42 -0400 From: Garrett Wollman <wollman@bimajority.org> To: "Poul-Henning Kamp" <phk@phk.freebsd.dk> Cc: freebsd-security@freebsd.org, freebsd-arch@freebsd.org Subject: Re: Trying to think out a hack for NSS and pw(8) Message-ID: <22483.32234.747577.586530@hergotha.csail.mit.edu> In-Reply-To: <67593.1473451982@critter.freebsd.dk> References: <22483.5592.653250.726711@hergotha.csail.mit.edu> <67593.1473451982@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Fri, 09 Sep 2016 20:13:02 +0000, "Poul-Henning Kamp" <phk@phk.freebsd.dk> said: > You want to add a futher layer of complications to the the already > far too complicated user/group/authentication code in FreeBSD, > just because you don't want to look at Puppets Ruby code ? Um, no, that's not remotely what I wrote. I've spent far more time than is useful looking at Puppet's Ruby code, TYVM. What I don't want to do is rewrite pw(8) *and* the Ruby standard library to have their own passwd(5) implementations to be used just for managing the sysadmin accounts on a server. I could tolerate changing pw(8) to give it a "local" flag that means only look at/manipulate the local files -- except that the C library doesn't provide any sort of hook for that (yet). I'm proposing to implement that hook. That would at least get me 70% of the way there. -GAWollman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?22483.32234.747577.586530>