From: Boris Samorodov
To: "O. Hartmann"
Cc: freebsd-emulation@FreeBSD.org
Date: Sat, 22 Mar 2008 02:10:43 +0300
Subject: Re: FreeBSD 7.0, Linuxulator and LDAP
Message-ID: <28439212@ipt.ru>
In-Reply-To: <47E423FD.2020405@zedat.fu-berlin.de>

Hello List,

OK, let's see if someone from freebsd-emulation@ ML can help.

On Fri, 21 Mar 2008 21:09:17 +0000 O. Hartmann wrote:
> Boris Samorodov wrote:
> > On Thu, 20 Mar 2008 15:03:21 +0000 O. Hartmann wrote:
> >
> >> we use a LDAP backed up environment on our FreeBSD boxes (mostly 7.0
> >> machines).
> >> With several tools running under Linux/Linuxulator in FreeBSD it is
> >> not possible to work, like acroread or linux-opera and other software
> >> (like IDL, Mathematica). When the software starts up, it complains
> >> about unknown user IDs (acroread, Gtk-toolset).
> >
> > Hm. I never used FreeBSD with LDAP backed up environment.
> So then you very likely do not run into problems administrators or
> users of non-trivial and non-home environments would probably run
> into!
> > Some linux apps display warnings about unknown IDs (something like
> > glib about UID 0), but it never prevented the app from functioning.
> Acrobat reader, for instance, does not work because the Gtk lib
> complains about a non-existent ID as I wrote - and stops working.
> >
> >> I guess I need a complete PAM/NSS/LDAP setup in Linux
> >> (/compat/linux/etc), but I have no clue how to get the appropriate
> >> libraries (pam_ldap.so, nss_ldap.so etc.).
> >
> > I don't think so. The main idea for linuxulator is to use as much as
> > possible. We do use FreeBSD native configure and other files and
> > databases. E.g. we _remove_ passwd and other files (as well as some
> > directories) from linux distribution before installing.
> Then it would be easy to find a way how the Linuxulator utilizes the
> PAM/NSS/LDAP environment setup of the hosting system, like FreeBSD
> 7.0?

All right, I'll appreciate any hints and tips.

> >> Can anybody help?
> >
> > Well, I can give you only some theory here. Sorry. :-(
> Thank you very much.
> Apart from the way the Linuxulator 'should work in theory' it does not
> realize a LDAP environment. This can be very easily proved:
> Do an 'exec /compat/linux/bin/sh' from an LDAP backed system
> environment where users do not exist in the local passwd. And then
> you'll see very quickly how FreeBSD's Linuxulator uses as much as
> possible from FreeBSD hosting system. The user is unknown.
> > 1. Use FreeBSD database (passwd and friends) before LDAP.
> > 2. Add needed IDs to LDAP database.
> I do not understand these recommendations. Why should I use the local
> FreeBSD auth-stuff when FreeBSD is within a centralized server
> environment? This is 70s thinking, NIS/YP isn't applicable anymore in
> many environments and the local db stuff isn't as well.
> Again, our whole facility has centralized, server-environment-like
> LDAP setups.
> O. Hartmann

WBR
-- 
bsam
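
The symptom discussed in this thread (accounts that exist only in LDAP show up as unknown IDs inside the Linux environment) can be scoped with a small diagnostic. This is an added example, not code from the thread or from FreeBSD. It assumes the Linux side resolves accounts from the flat passwd file only, and the function name and sample accounts are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread.
# Assumption: Linux binaries under /compat/linux look accounts up in the flat
# passwd file only, because no Linux nss_ldap.so is installed for them.

# ldap_only_accounts NSS_DUMP FLAT_PASSWD
#   NSS_DUMP    passwd(5)-format lines as the host resolves them (getent passwd)
#   FLAT_PASSWD the flat file the Linux side can read
# Prints "name:uid" for every account whose UID is missing from FLAT_PASSWD.
ldap_only_accounts() {
    awk -F: -v flat="$2" '
        BEGIN {
            # Load flat-file UIDs first; getline copes with an empty file.
            while ((getline line < flat) > 0) {
                if (line ~ /^#/) continue   # FreeBSD passwd has a comment header
                n = split(line, f, ":")
                if (n >= 3) have[f[3]] = 1
            }
            close(flat)
        }
        /^#/ || NF < 3 { next }
        !($3 in have) { print $1 ":" $3 }
    ' "$1"
}

# Constructed sample data (hypothetical accounts), so the demo runs offline.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/flat" <<'EOF'
# constructed flat passwd
root:*:0:0:Charlie &:/root:/bin/csh
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
EOF
    cat > "$dir/nss" <<'EOF'
root:*:0:0:Charlie &:/root:/bin/csh
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
alice:*:20001:20001:Constructed LDAP user:/home/alice:/bin/sh
bob:*:20002:20001:Constructed LDAP user:/home/bob:/bin/sh
EOF
    ldap_only_accounts "$dir/nss" "$dir/flat"
    rm -rf "$dir"
}

demo
```

On a real host the first argument would be a saved `getent passwd` dump and the second `/etc/passwd`; every line printed is an account a flat-file-only lookup cannot name.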