From owner-freebsd-hackers  Sun Aug  1  2:46: 8 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from snafu.adept.org (adsl-63-193-112-19.dsl.snfc21.pacbell.net [63.193.112.19])
	by hub.freebsd.org (Postfix) with ESMTP id 1290814F71
	for <hackers@FreeBSD.ORG>; Sun,  1 Aug 1999 02:46:01 -0700 (PDT)
	(envelope-from mike@snafu.adept.org)
Received: from localhost (mike@localhost)
	by snafu.adept.org (8.9.3/8.9.3) with ESMTP id CAA25693;
	Sun, 1 Aug 1999 02:43:28 -0700 (PDT)
Date: Sun, 1 Aug 1999 02:43:28 -0700 (PDT)
From: Mike Hoskins <mike@snafu.adept.org>
To: Alex Zepeda <garbanzo@hooked.net>
Cc: Alex Povolotsky <tarkhil@asteroid.svib.ru>, hackers@FreeBSD.ORG
Subject: Re: Solution for mail pseudo-users?
In-Reply-To: <Pine.BSF.4.05.9907311812181.16096-100000@localhost>
Message-ID: <Pine.BSF.4.10.9908010235130.25399-100000@snafu.adept.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sat, 31 Jul 1999, Alex Zepeda wrote:

> The easiest way I can think of would be to add them to /etc/passwd and set
> their shell and home dir to /nonexistant. Ideally you wouldn't be running
> any other daemons, so there'd be no real way for them to access files; but
> the stock ftpd, as well as sshd offer ways to disable access to specific
> users.
> 
> Dealing with "real" users IMO is quite a bit less hackish.

I like the 'keeping it real' idea as well.

Then again, doesn't 3.2R+ support SecureRPC?  Isn't this the sort of thing
NIS+ was invented for?  A centralized db of users that you can then export
to various machines with differing characteristics?  I.e. couldn't you
import the NIS db to your mail box(es) with /nonexistent home directory
and /sbin/nologin shell?  Name and password pairs would still exist,
allowing any SMTP/POP3 daemons I know of to work without change.

If NIS sends chills down your spine, I guess you could also do a bit of
non-daemon-based hackage...  make a script replace the home directory and
shell fields with appropriate values in a copied passwd and rsync the
thing to your mail boxes...

Then again, SQL seems to be the current buzz...  Having SQL-based access
is cool/manageable (a friend generates the MySQL db from his Radius users
file).

As usual, there's more than one way to skin a cat.

Later,
--mike




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message