From owner-freebsd-security@FreeBSD.ORG Tue May 27 12:23:46 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DEC7637B401 for ; Tue, 27 May 2003 12:23:46 -0700 (PDT) Received: from bitch.inducedreality.net (adsl-67-124-144-35.dsl.pltn13.pacbell.net [67.124.144.35]) by mx1.FreeBSD.org (Postfix) with SMTP id C8B8343F3F for ; Tue, 27 May 2003 12:23:45 -0700 (PDT) (envelope-from david@bitch.inducedreality.net) Received: (qmail 83038 invoked by uid 1000); 27 May 2003 19:24:30 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 27 May 2003 19:24:30 -0000 Date: Tue, 27 May 2003 12:24:30 -0700 (PDT) From: David To: Andy Harrison In-Reply-To: Message-ID: <20030527121830.V82960-100000@bitch.inducedreality.net> References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-security@freebsd.org Subject: Re: multihost master.passwd sync X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 May 2003 19:23:47 -0000 Can't you just have two cron jobs, one on the master machine which dists the file out to the various machines in /var/tmp or something and another one on the slave machine which picks it up and replaces/integrates it? The permissions on the file should keep other people from modifying it. The only possible problem (depending on setup) could be if someone put a passwd file there first and the dist didn't properly handle that. However, if the cron on the slave machine checks the permissions first, that problem can be avoided. David On Tue, 27 May 2003, Andy Harrison wrote: > -----BEGIN PGP SIGNED MESSAGE----- > > Just wondered if anyone had any suggestions about syncing up master.passwd > files between multiple machines that didn't involve allowing root login > remotely? The users need to be able to log in remotely and own files on the > different machines. > > > > ~~ > Andy Harrison > ah##@httpsite.com > ICQ: 123472 AIM/Y!: AHinMaine > [full headers for details] > > -----BEGIN PGP SIGNATURE----- > Version: PGP 6.5.8 > > iQCVAwUBPtOkfFPEkLgodAWVAQGivwP9EHYSqM/PfEH744F1tRL5Lxz3cRMkuWST > GaT1+ZdbMx4AIfh0Zi/ZqB/WoHWK/SdmRtxAiaRwCA/llnMUE0UzWyTGTc56Dw9q > vlUG0wRQ4bBVh7wUlKzs4NCe47JAkk2Dou7RgCfrIuLBm7JRScKkzyxkkOai+H/c > ucTgljeOROE= > =Bb22 > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" >