On Thu, 2007-06-14 at 10:14 -0400, Simo Sorce wrote:
On Thu, 2007-06-14 at 08:44 -0500, Tom "spot" Callaway
wrote:
> A possible improvement I could see would be to change the tool to ask
> pam if the user exists, as opposed to simply looking
I guess you mean NSS
> in /etc/passwd, /etc/group, as that would better cover network user
> conflicts.
If you don't already do it, you should _really_ do it and quickly.
Checking /etc/passwd directly today is not acceptable IMO, NSS has been
introduced exactly to decouple user querying from knowledge of the
underlying db and mechanisms used.
So... since I know pam but not NSS, is there a way to ask that question
(does a user/group exist) on the commandline with existing NSS tools?
~spot