[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Ways to manage passwd/shadow files?
|
From: |
Tim Nelson |
|
Subject: |
Re: Ways to manage passwd/shadow files? |
|
Date: |
Fri, 11 Mar 2005 13:03:07 +1100 (EST) |
On Thu, 10 Mar 2005, Spam Collector wrote:
On 2005-03-10, Brendan Strejcek <brendan@cs.uchicago.edu> wrote:
Spam Collector wrote:
What's the best way to use cfengine to manage /etc/passwd and
/etc/shadow? Managing the entire file as a copy would be easy enough,
but how can you just manage a chunk of it? Using edifiles to control a
block would have the desired result, except that AFAIK you can't have
comment lines in those files (the ### BEGIN and ### END lines I use to
manage blocks in other config files).
As there is no order to a passwd file, why do you need to manage it in
blocks at all?
The purpose is to have site-wide management of some accounts while
still allowing other locally managed accounts.
Do you use PAM on your machines? If so, I'd suggest making the
system try LDAP first, and if that fails, try local accounts (or the other
way around). I think even nsswitch.conf can do this (yes? no?).
:)
--
Tim Nelson
Server Administrator
WebAlive Technologies Global
Level 1 Innovation Building, Digital Harbour
1010 LaTrobe Street
Docklands, Melbourne,
Vic, 3008
Phone: +61 3 9934 0812
Fax: +61 3 9934 0899
E-mail: tim.nelson@webalive.biz
http://www.webalive.biz/
"Your Business, Your Web, Your Control"