Date:      Mon, 4 Nov 1996 10:47:44 -0600 (CST)
From:      Joe Greco <jgreco@brasil.moneng.mei.com>
To:        luigi@labinfo.iet.unipi.it (Luigi Rizzo)
Cc:        jgreco@brasil.moneng.mei.com, jkh@time.cdrom.com, hackers@FreeBSD.ORG, isp@FreeBSD.ORG
Subject:   Re: pppgetty
Message-ID:  <199611041647.KAA05213@brasil.moneng.mei.com>
In-Reply-To: <199611041556.QAA02631@labinfo.iet.unipi.it> from "Luigi Rizzo" at Nov 4, 96 04:56:34 pm

> > Jordan,
> > 
> > I am not particularly thrilled about the idea of modems on the same box
> > as interactive logins, as it can be a security risk (think of what could
> ...
> > that ran on the 386DX/25 :-)  A modified getty and login presents a
> > "normal" banner and login: prompt and then waits for input.  A central
> > server is then contacted, and returns a reply based on local policy as
> > to what to do with the user (local login, remote login, etc)... all 
> > very transparently.
> 
> Is this something similar to what mgetty does? It has a
> "login.config" file which can take the appropriate decision based on
> login name (no real Regular Expressions are supported, but that
> shouldn't be too hard).
> 
> Maybe your stuff is more flexible, though.

My stuff wants to rely on a central server, which traditionally for Solaria
was very trivial (kicked off by inetd):

/*
 * nlrd - the Network Login Router query daemon
 *
 * (c) 1993, 1994 by sol.net Network Services and Joe Greco
 * All rights reserved.
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <pwd.h>

#define NLRTAB  "/usr/local/etc/nlrtab"
#define NLRDEFAULT      "solaria.sol.net"

/* Strip a trailing newline and/or carriage return from the string. */
int crstrip(char *c)
{
        char *ptr;

        if ((ptr = strrchr(c, '\n')) != NULL) {
                *ptr = '\0';
        }
        if ((ptr = strrchr(c, '\r')) != NULL) {
                *ptr = '\0';
        }
        return(0);
}

int main(void)
{
        char userbuf[80];
        char usernm[256];
        char hostnm[256];
        struct passwd *passent;
        FILE *nlrtabfp;

        /* Read the login name to look up; no input is treated as unknown. */
        if (fgets(userbuf, sizeof(userbuf), stdin) == NULL) {
                printf("-\n");
                exit(0);
        }
        crstrip(userbuf);
        /* The override table of "user host" pairs is checked first. */
        if ((nlrtabfp = fopen(NLRTAB, "r")) != NULL) {
                /* Field widths keep long tokens from overflowing the buffers. */
                while (fscanf(nlrtabfp, "%255s %255s", usernm, hostnm) == 2) {
                        if (! strcmp(usernm, userbuf)) {
                                printf("%s\n", hostnm);
                                exit(0);
                        }
                }
                fclose(nlrtabfp);
        }
        /* Not in the table: known users go to the default host. */
        if (! (passent = getpwnam(userbuf))) {
                printf("-\n");
        } else {
                printf("%s\n", NLRDEFAULT);
        }
        exit(0);
}

Yo, can you say "simple code"?  I knew you could :-)

(The code may not compile as I hacked out some #ifdef's and Solaria-
specific code - but you see the idea)

Since decision making is bubbled up to this level, there is nothing 
preventing you from adding a

        if (*userbuf == 'P') {
                printf("+\n");
                exit(0);
        }

after the crstrip(userbuf)...  or any of many other possible changes.

The "nlrtab" file was meant as an exceptions/override list, but out here 
at MEI I wrote a script to take the automounter's "auto.home" file and 
parse it up such that there is an entry for each engineer pointing to 
that engineer's desktop workstation.  Works like a champ.

Since I have not looked at mgetty, I can not say for sure what it does,
but there is nothing that would prevent "nlrd" from being made into a
gizmo that read out of a more generalized configuration file, and 
took action appropriately.  RADIUS is essentially a much more complex,
featureful, "do it all" version of my NLR system.

I prefer simplicity sometimes.  :-)

... JG
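
The auto.home-to-nlrtab conversion mentioned in the message, as an added example (not Joe Greco's script, which does not appear on this page). It assumes the simple "key [-options] host:/path" map form and drops any line whose user or host token would not survive nlrd's whitespace-delimited two-field read; the function names and sample names are made up for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 255   /* nlrd reads each field into a 256-byte buffer */

/* Accept only [A-Za-z0-9._-], bounded length, no leading '-' or '.'. */
static int safe_token(const char *s, size_t len)
{
    size_t i;
    if (len == 0 || len > FIELD_MAX || s[0] == '-' || s[0] == '.')
        return 0;
    for (i = 0; i < len; i++)
        if (!isalnum((unsigned char)s[i]) && !strchr("._-", s[i]))
            return 0;
    return 1;
}

/* Turn one auto.home line into an nlrtab entry "key host" in out.
 * Returns 1 on success, 0 if the line is skipped or rejected. */
int auto_home_to_nlr(const char *line, char *out, size_t outsz)
{
    const char *key = line + strspn(line, " \t"), *loc, *colon;
    size_t klen = strcspn(key, " \t\r\n"), hlen;

    if (*key == '#' || *key == '*' || *key == '+' || !safe_token(key, klen))
        return 0;               /* comment, wildcard, include, bad name */
    loc = key + klen + strspn(key + klen, " \t");
    if (*loc == '-') {          /* optional mount-options field */
        loc += strcspn(loc, " \t\r\n");
        loc += strspn(loc, " \t");
    }
    colon = memchr(loc, ':', strcspn(loc, " \t\r\n"));
    if (colon == NULL)
        return 0;               /* no host:/path location */
    hlen = (size_t)(colon - loc);
    if (!safe_token(loc, hlen) || klen + hlen + 2 > outsz)
        return 0;
    snprintf(out, outsz, "%.*s %.*s", (int)klen, key, (int)hlen, loc);
    return 1;
}

int main(void)
{
    /* Constructed sample map lines, not taken from a real site. */
    const char *sample[] = { "alice ws1.example.com:/export/home/alice\n",
                             "bob -rw,intr ws2.example.com:/home/bob\n",
                             "* nfs.example.com:/home/&\n" };
    char entry[2 * FIELD_MAX + 2];
    size_t i;
    for (i = 0; i < sizeof sample / sizeof *sample; i++)
        if (auto_home_to_nlr(sample[i], entry, sizeof entry))
            puts(entry);
    return 0;
}
```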


