Date: Mon, 4 Nov 1996 10:47:44 -0600 (CST) From: Joe Greco <jgreco@brasil.moneng.mei.com> To: luigi@labinfo.iet.unipi.it (Luigi Rizzo) Cc: jgreco@brasil.moneng.mei.com, jkh@time.cdrom.com, hackers@FreeBSD.ORG, isp@FreeBSD.ORG Subject: Re: pppgetty Message-ID: <199611041647.KAA05213@brasil.moneng.mei.com> In-Reply-To: <199611041556.QAA02631@labinfo.iet.unipi.it> from "Luigi Rizzo" at Nov 4, 96 04:56:34 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > Jordan, > > > > I am not particularly thrilled about the idea of modems on the same box > > as interactive logins, as it can be a security risk (think of what could > ... > > that ran on the 386DX/25 :-) A modified getty and login presents a > > "normal" banner and login: prompt and then waits for input. A central > > server is then contacted, and returns a reply based on local policy as > > to what to do with the user (local login, remote login, etc)... all > > very transparently. > > is this something similar to what mgetty does ? It has a > "login.config" file which can take the appropriate decision basing on > login name (not real Regular Expressions are supported, but that > shouldn't be too hard). > > Maybe your stuff is more flexible, though. My stuff wants to rely on a central server, which traditionally for Solaria was very trivial (kicked off by inetd): /* * nlrd - the Network Login Router query daemon * * (c) 1993, 1994 by sol.net Network Services and Joe Greco * All rights reserved. */ #include <stdio.h> #include <string.h> #include <pwd.h> #define NLRTAB "/usr/local/etc/nlrtab" #define NLRDEFAULT "solaria.sol.net" int crstrip(c) char *c; { register char *ptr; if (ptr = rindex(c, '\n')) { *ptr = '\0'; } if (ptr = rindex(c, '\r')) { *ptr = '\0'; } return(0); } int main() { char userbuf[80]; char usernm[256]; char hostnm[256]; struct passwd *passent; FILE *nlrtabfp; fgets(userbuf, sizeof(userbuf), stdin); crstrip(userbuf); if (nlrtabfp = fopen(NLRTAB, "r")) { while (! feof(nlrtabfp)) { fscanf(nlrtabfp, "%s %s", usernm, hostnm); if (! feof(nlrtabfp)) { if (! strcmp(usernm, userbuf)) { printf("%s\n", hostnm); exit(0); } } } fclose(nlrtabfp); } if (! (passent = getpwnam(userbuf))) { printf("-\n"); } else { printf("%s\n", NLRDEFAULT); } exit(0); } Yo, can you say "simple code"? I knew you could :-) (The code may not compile as I hacked out some #ifdef's and Solaria- specific code - but you see the idea) Since decision making is bubbled up to this level, there is nothing preventing you from adding a if (*userbuf == 'P') { printf("+\n"); exit(0); } after the crstrip(userbuf)... or any of many other possible changes. The "nlrtab" file was meant as an exceptions/override list, but out here at MEI I wrote a script to take the automounter's "auto.home" file and parse it up such that there is an entry for each engineer pointing to that engineer's desktop workstation. Works like a champ. Since I have not looked at mgetty, I can not say for sure what it does, but there is nothing that would prevent "nlrd" from being made into a gizmo that read out of a more generalized configuration file, and took action appropriately. RADIUS is essentially a much more complex, featureful, "do it all" version of my NLR system. I prefer simplicity sometimes. :-) ... JG
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611041647.KAA05213>