mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-22 19:44:21 +01:00
41 lines
1.6 KiB
Text
41 lines
1.6 KiB
Text
The NSS-MySQL name service switch library
|
|
|
|
libnss_mysql retrieves user account information from a MySQL database server.
|
|
Per default stored in /etc/{group,passwd,shadow} on Unix-like systems. Which
|
|
(partly) is similar in functionality to NIS, LDAP, RADIUS, Hesoid, winbindd
|
|
|
|
When used over a remote-network uttermost care should be taken in the security
|
|
of this (such as TLS/SSL encripting the connection) and even then storing any
|
|
valid password for such 'virtual' users is probably a bad idee in itself.
|
|
|
|
Kerberos provides for far superior single-sign-on autentication system (the
|
|
'shadow' part in these kinds of systems) both in performance and security.
|
|
|
|
On to the good stuff :-)
|
|
To get this working (locally) login to the database server, presuming that
|
|
it is running; otherwise read /etc/rc.d/rc.mysqld first; to make the DB:
|
|
|
|
# mysql -uroot -p
|
|
> CREATE DATABASE nss_mysql;
|
|
|
|
After this is done it has to be populated with the user tables; there is
|
|
an example for them is provided in /usr/doc/nss-mysql-<version>/sample.sql
|
|
|
|
You can copy that to say /tmp , (probably) edit it some and insert it with:
|
|
|
|
# mysql -uroot -p -D nss_mysql < /tmp/sample.sql
|
|
|
|
After this is done create the 'nss' and 'nss-shadow' database users with
|
|
statements such as the ones found in /usr/doc/nss-mysql-<version>/SHADOW
|
|
And make sure the passwords for them in /etc/nss-{mysql,mysql-root}.conf
|
|
are the same ...
|
|
|
|
Now edit your /etc/nsswitch.conf to look like the -mysql and try the commands
|
|
|
|
getent passwd
|
|
getent shadow
|
|
|
|
Which should list the users pulled from mysql!
|
|
( Otherwise have a look at 'tail /var/log/syslog' - for hints to fix it).
|
|
|
|
-Menno.
|