
Re: db of /etc/passwd and /etc/group



On Sat, 09 Jan 1999, you wrote:
>> On Sat, 9 Jan 1999, Russell Coker wrote:
>> 
>> > If a system contains a nsswitch.conf file similar to the snippet I've included
>> > below then would it be possible for utilities such as adduser, passwd, and vipw
>> > to run appropriate makedb commands to keep the database in sync?  Or is there
>> > something wrong with desiring this type of functionality?
>
>My question is: Does this work? And if it does work then what is the 'db'
>file called?

This seems to work OK.  I can't claim to have tested it extensively (run for
a week on my laptop), but it seems to work.  Stracing the relevant programs
shows them opening the DB files instead of the files in /etc.
The DB files are in /var/db.  There is a makefile to create/update the DB
files, but note that it does not do anything with permissions and ownerships of
files.  So the first time you run it a file /var/db/shadow.db will be created
world-readable if the file doesn't already exist.  The solution is to create a
file /var/db/shadow.db that is only readable by group shadow, touch /etc/shadow
(so it's newer than the DB file and the DB file will be re-built) and then run
make.  Then with the current setup you want to have a cron entry for root to
run make regularly (I do it every hour).

>I would really -love- to have two password files, a local one and a
>replicated one ..

This is not the solution for replicated password files.  This is the solution
for situations where you have 5000+ accounts which make programs such as "ls"
run slowly if accounts have to be found in a flat-file.

The way that db files would be used would be to either have programs look at
the DB files first and then look at the flat files if the entry isn't found, or
to just only look in the DB files.

--
I am in London and would like to meet any Linux users here.
I plan to work in London for 3 - 6 months...
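
The permission fix described in the message above, written out as a script with a check that can run after each cron rebuild; this is an added example, not part of the original post. It assumes make is run from the DB directory, and the function and variable names are illustrative.

```sh
#!/bin/sh
# Added example, not from the original message. Defaults follow the paths and
# group named there; MAKE_CMD and running it inside DB_DIR are assumptions.
DB_DIR="${DB_DIR:-/var/db}"
SHADOW_SRC="${SHADOW_SRC:-/etc/shadow}"
DB_GROUP="${DB_GROUP:-shadow}"
MAKE_CMD="${MAKE_CMD:-make}"

# Print a file's octal mode (GNU stat first, BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed only if "other" has no permission bits on the file.
not_world_accessible() {
    mode=$(file_mode "$1") || return 2
    case "$mode" in
        *0) return 0 ;;
        *)  return 1 ;;
    esac
}

# Pre-create shadow.db with a tight mode so the makefile never creates it
# under the default umask, then make the source newer to force a rebuild.
prepare_shadow_db() {
    db="$DB_DIR/shadow.db"
    if [ ! -e "$db" ]; then
        ( umask 077 && : > "$db" ) || return 1
    fi
    chgrp "$DB_GROUP" "$db" || return 1
    chmod 640 "$db" || return 1
    touch "$SHADOW_SRC"
}

# Cron job body: rebuild, then fail loudly if the database came out
# readable by everyone (for example after someone deleted shadow.db).
rebuild_and_verify() {
    ( cd "$DB_DIR" && $MAKE_CMD ) || return 1
    if ! not_world_accessible "$DB_DIR/shadow.db"; then
        echo "shadow.db is accessible to other users" >&2
        return 1
    fi
}
```

Run `prepare_shadow_db` once as root before the first build, and call `rebuild_and_verify` from the hourly cron entry so a non-zero exit surfaces in cron mail.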

