Fwd: Ways to manage passwd/shadow files?

[Steve Foley]

Forgive me for bringing up an older topic, but I wasnt able to make it 
to USENIX for the tutorial due to some other work travel. Any chance 
there is a link, overview, set of slides, etc. that might offer some 
tips/tricks to good user auth practices on remote machines?

Thanks!
-Steve

Begin forwarded message:

> From: Mark Burgess <Mark.Burgess@iu.hio.no>
> Date: March 10, 2005 12:07:11 PM PST
> To: Brendan Strejcek <brendan@cs.uchicago.edu>
> Cc: Spam Collector <spam-collector@artair.com>, help-cfengine@gnu.org
> Subject: Re: Ways to manage passwd/shadow files?
>
> On Thu, 2005-03-10 at 14:00 -0600, Brendan Strejcek wrote:
> > Spam Collector wrote:
> >
> > > What's the best way to use cfengine to manage /etc/passwd and
> > > /etc/shadow? Managing the entire file as a copy would be easy enough,
> > > but how can you just manage a chunk of it? Using edifiles to control 
> > > a
> > > block would have the desired result, except that AFAIK you can't have
> > > comment lines in those files (the ### BEGIN and ### END lines I use 
> > > to
> > > manage blocks in other config files).
> >
> > As there is no order to a passwd file, why do you need to manage it in
> > blocks at all?
> >
> > A trick that I am fond of is embedding vipw in shellcommands with ed 
> > as
> > EDITOR, but that would not scale to large collections of users.
> >
> > -- Brendan
>
> If you can make it to USENIX, I'll be showing how I manage our netlab
> which has a subset of the full set of users from another host...it
> wouldn't be fair to USENIX to publish it before the tutorial.
>
> Mark
>
>
>
> _______________________________________________
> Help-cfengine mailing list
> Help-cfengine@gnu.org
> http://lists.gnu.org/mailman/listinfo/help-cfengine
-----
Steve Foley
Scripps Institution of Oceanography
sfoley@ucsd.edu, (858) 822-3356