Date: Mon, 4 Nov 1996 10:47:44 -0600 (CST)
From: Joe Greco <jgreco@brasil.moneng.mei.com>
To: luigi@labinfo.iet.unipi.it (Luigi Rizzo)
Cc: jgreco@brasil.moneng.mei.com, jkh@time.cdrom.com, hackers@FreeBSD.ORG, isp@FreeBSD.ORG
Subject: Re: pppgetty
Message-ID: <199611041647.KAA05213@brasil.moneng.mei.com>
In-Reply-To: <199611041556.QAA02631@labinfo.iet.unipi.it> from "Luigi Rizzo" at Nov 4, 96 04:56:34 pm
> > Jordan,
> >
> > I am not particularly thrilled about the idea of modems on the same box
> > as interactive logins, as it can be a security risk (think of what could
> ...
> > that ran on the 386DX/25 :-) A modified getty and login presents a
> > "normal" banner and login: prompt and then waits for input. A central
> > server is then contacted, and returns a reply based on local policy as
> > to what to do with the user (local login, remote login, etc)... all
> > very transparently.
>
> is this something similar to what mgetty does ? It has a
> "login.config" file which can take the appropriate decision basing on
> login name (not real Regular Expressions are supported, but that
> shouldn't be too hard).
>
> Maybe your stuff is more flexible, though.
My stuff wants to rely on a central server, which traditionally for Solaria
was very trivial (kicked off by inetd):

/*
 * nlrd - the Network Login Router query daemon
 *
 * (c) 1993, 1994 by sol.net Network Services and Joe Greco
 * All rights reserved.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <pwd.h>

#define NLRTAB "/usr/local/etc/nlrtab"
#define NLRDEFAULT "solaria.sol.net"

/* Strip a trailing newline and carriage return from c. */
int crstrip(char *c)
{
    char *ptr;

    if ((ptr = strrchr(c, '\n')) != NULL) {
        *ptr = '\0';
    }
    if ((ptr = strrchr(c, '\r')) != NULL) {
        *ptr = '\0';
    }
    return(0);
}

int main(void)
{
    char userbuf[80];
    char usernm[256];
    char hostnm[256];
    struct passwd *passent;
    FILE *nlrtabfp;

    /* Read the username from the client; treat EOF as an empty name. */
    if (fgets(userbuf, sizeof(userbuf), stdin) == NULL) {
        userbuf[0] = '\0';
    }
    crstrip(userbuf);

    /* Look for an override entry; field widths keep both buffers bounded. */
    if ((nlrtabfp = fopen(NLRTAB, "r")) != NULL) {
        while (fscanf(nlrtabfp, "%255s %255s", usernm, hostnm) == 2) {
            if (! strcmp(usernm, userbuf)) {
                printf("%s\n", hostnm);
                exit(0);
            }
        }
        fclose(nlrtabfp);
    }

    /* No override: unknown users get "-", known users the default host. */
    if (! (passent = getpwnam(userbuf))) {
        printf("-\n");
    } else {
        printf("%s\n", NLRDEFAULT);
    }
    exit(0);
}

Yo, can you say "simple code"? I knew you could :-)
(The code may not compile as I hacked out some #ifdef's and Solaria-
specific code - but you see the idea)
Since decision making is bubbled up to this level, there is nothing
preventing you from adding a

    if (*userbuf == 'P') {
        printf("+\n");
        exit(0);
    }

after the crstrip(userbuf)... or any of many other possible changes.
The "nlrtab" file was meant as an exceptions/override list, but out here
at MEI I wrote a script to take the automounter's "auto.home" file and
parse it up such that there is an entry for each engineer pointing to
that engineer's desktop workstation. Works like a champ.
Since I have not looked at mgetty, I can not say for sure what it does,
but there is nothing that would prevent "nlrd" from being made into a
gizmo that read out of a more generalized configuration file, and
took action appropriately. RADIUS is essentially a much more complex,
featureful, "do it all" version of my NLR system.
I prefer simplicity sometimes. :-)
... JG
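
The message shows only the server side of the exchange. As an added example (not code from the original post), this is one way a client such as the modified getty/login could validate the single reply line before acting on it, so that only "-", "+" or a well-formed hostname is ever accepted. The enum names and the hostname rules are assumptions, and the message does not say what "+" means to the client.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Added example. Hypothetical names for the reply forms nlrd prints. */
enum nlr_kind { NLR_INVALID, NLR_DASH, NLR_PLUS, NLR_HOST };

/* Hostname check: dot-separated labels of [A-Za-z0-9-], each 1..63 chars,
 * never starting or ending with '-', whole name at most 253 chars. */
static int valid_hostname(const char *h)
{
    size_t len = strlen(h), label = 0, i;
    if (len == 0 || len > 253) return 0;
    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)h[i];
        if (c == '.') {
            if (label == 0 || h[i - 1] == '-') return 0;
            label = 0;
        } else if (isalnum(c) || c == '-') {
            if ((c == '-' && label == 0) || ++label > 63) return 0;
        } else {
            return 0;
        }
    }
    return label > 0 && h[len - 1] != '-';
}

/* Classify one reply line; on NLR_HOST the validated name is copied to host. */
enum nlr_kind nlr_parse_reply(const char *line, char *host, size_t hostlen)
{
    size_t n = strcspn(line, "\r\n");   /* strip CR/LF, as crstrip() does */
    if (n == 0 || n >= hostlen) return NLR_INVALID;
    if (n == 1 && line[0] == '-') return NLR_DASH;
    if (n == 1 && line[0] == '+') return NLR_PLUS;
    memcpy(host, line, n);
    host[n] = '\0';
    if (!valid_hostname(host)) { host[0] = '\0'; return NLR_INVALID; }
    return NLR_HOST;
}

int main(void)
{
    /* Constructed sample replies, not captured traffic. */
    const char *samples[] = { "solaria.sol.net\n", "-\n", "+\n", "-host.example\n", "a..b\n" };
    char host[256]; size_t i;
    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%d\n", (int)nlr_parse_reply(samples[i], host, sizeof(host)));
    return 0;
}
```

Anything classified NLR_INVALID should be logged and the login refused rather than passed on to a remote-login command.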
