Date: Sat, 22 Mar 2008 02:10:43 +0300 From: Boris Samorodov <bsam@ipt.ru> To: "O. Hartmann" <ohartman@zedat.fu-berlin.de> Cc: freebsd-emulation@FreeBSD.org Subject: Re: FreeBSD 7.0, Linuxulator and LDAP Message-ID: <28439212@ipt.ru> In-Reply-To: <47E423FD.2020405@zedat.fu-berlin.de> (O. Hartmann's message of "Fri\, 21 Mar 2008 21\:09\:17 %2B0000") References: <47E27CB9.1070300@zedat.fu-berlin.de> <98058765@ipt.ru> <47E423FD.2020405@zedat.fu-berlin.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello List, OK, let's see if someone from freebsd-emulation@ ML can help. On Fri, 21 Mar 2008 21:09:17 +0000 O. Hartmann wrote: > Boris Samorodov wrote: > > On Thu, 20 Mar 2008 15:03:21 +0000 O. Hartmann wrote: > > > >> we use a LDAP backed up environment on our FreeBSD boxes (mostly 7.0 > >> machines). > >> With several tools running under Linux/Linuxulator in FreeBSD ist is > >> not possible to work, like acroread or linux-opera and other software > >> (like IDL, Mathematica). When the software starts up, it complains > >> about unknown user IDs (acroread, Gtk-toolset). > > > > Hm. I never used FreeBSD with LDAP backed up environment. > So then you very likely do not run into problems administrators or > users of non-trivial and non-home environments would probably run > into! > > Some linux apps display warnings about unknown IDs (something like > > glib about UID 0), but it never prevented the app from functioning. > Acrobat reader, for instance, does not work because the Gtk lib > compalins about a non-existent ID as I wrote - and stops working. > > > >> I guess I need a complete PAM/NSS/LDAP setup in Linux > >> (/compat/linux/etc), but I have no glue how to get the appropriate > >> libraries (pam_ldap.so, nss_ldap.so etc.). > > > > I don't think so. The main idea for linuxulator is to use as much as > > possible. We do use FreeBSD native configure and other files and > > databases. E.g. we _remove_ passwd and other files (as well as some > > directories) from linux distribution before installing. > Then it would be easy to find a way how the Linuxulator utilize the > PAM/NSS/LDAP environment setup of the hosting system, like FreeBSD > 7.0? All right, I'll appreciate any hints and tips. > >> Can anybody help? > > > > Well, I can give you only some theory here. Sorry. :-( > Thank you very much. > Apart from the way the Linuxulator 'should work in theory' it does not > realize a LDAP environment.This can be very easily proffed: > Do an 'exec /compat/linux/bin/sh' from an LDAP backed system > environment where users do not exist in the local passwd. And then > you'll see very quickly how FreeBSD's Linuxulator uses as much as > possible from FreeBSD hosting system. The user is unknown. > > 1. Use FreeBSD database (passwd and friends) before LDAP. > > 2. Add needed IDs to LDAP database. > I do not understand this recommendations. Why should I use the local > FreeBSD auth-stuff when FreeBSD is within a centralized server > environment? This is 70s thinking, NIS/YP isn't apllicable anymore in > many environments and the local db stuff isn't as well. > Again, our whole facility has centralized, server-environment-like > LDAP setups. > O. Hartmann WBR -- bsam
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?28439212>