From owner-freebsd-questions@FreeBSD.ORG Wed Nov 26 07:47:19 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 409C916A4CE for ; Wed, 26 Nov 2003 07:47:19 -0800 (PST) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id D22A043FD7 for ; Wed, 26 Nov 2003 07:47:13 -0800 (PST) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1]) hAQFkdqt008234 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 26 Nov 2003 15:47:10 GMT (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)id hAQFkd9c008233; Wed, 26 Nov 2003 15:46:39 GMT (envelope-from matthew) Date: Wed, 26 Nov 2003 15:46:39 +0000 From: Matthew Seaman To: Wayne Pascoe Message-ID: <20031126154639.GB7575@happy-idiot-talk.infracaninophile.co.uk> Mail-Followup-To: Matthew Seaman , Wayne Pascoe , freebsd-questions@freebsd.org References: <20031126151105.GA54101@marvin.penguinpowered.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="tjCHc7DPkfUGtrlw" Content-Disposition: inline In-Reply-To: <20031126151105.GA54101@marvin.penguinpowered.org> User-Agent: Mutt/1.5.5.1i X-Spam-Status: No, hits=-4.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=2.60 X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on happy-idiot-talk.infracaninophile.co.uk cc: freebsd-questions@freebsd.org Subject: Re: Managing passwd files outside /etc X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Nov 2003 15:47:19 -0000 --tjCHc7DPkfUGtrlw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Nov 26, 2003 at 03:11:05PM +0000, Wayne Pascoe wrote: > I'm trying to setup a virtual hosting mail environment. I want to > maintain passwd files for users in my virtual tree. Is it possible to do > this with the passwd utility ? For example, I want to manage > /etc/virtual/penguinpowered.org/passwd >=20 > I can't find a flag telling it to work with a file outside of /etc pw(8) understands a -V etcdir option for operating on passwd files away from the usual location. As the man page says: Alternatively, pw will prompt for the user's password if -h 0 is given, nominating stdin as the file descriptor on which to read the password. Note that this password will be read only once and is intended for use by a script rather than for interactive use. If you wish to have new password confi= r- mation along the lines of passwd(1), this must be imple- mented as part of an interactive script that calls pw. Alternatives: If you set up a jail(8) you can use the regular passwd(1) program within it to manage user accounts, so long as you can arrange for the passwd file to have the path /etc/master.passwd relative to the jail root. You can do similar things with chroot(8), but in either case beware that you will have to provide access to any shlibs loaded subsequent to the chroot or jail call. You could use NIS or LDAP to store the account details for the virtual users: with a little admin-fu it should be possible to get the mail system to refer to those user databases, but have the base system use /etc/master.passwd for system level logins. Learing about SASL will pay dividends here. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --tjCHc7DPkfUGtrlw Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/xMrfdtESqEQa7a0RAkD5AJ95UX43T73X29lVcQpBTn3jUNhjxgCdElCB HH3lB1a46IYZMutIXGNOT+Y= =vHPd -----END PGP SIGNATURE----- --tjCHc7DPkfUGtrlw--