fedora-atomic discussion point: /usr/lib/passwd

"Jóhann B. Guðmundsson" johannbg at gmail.com
Sun Apr 13 21:41:13 UTC 2014


On 04/11/2014 05:19 PM, Lennart Poettering wrote:
> On Fri, 11.04.14 19:05, Miloslav Trmač (mitr at volny.cz) wrote:
>
>> There is broad agreement that future access to the user database database
>> (both reading and writing) will be through sssd[1], and that the data model
>> of /etc/{passwd,shadow} is too restrictive--we already want/need to store
>> more data about users than those files allow us to.  (E.g. language for
>> physical persons, better namespaces and more accurate password expiration
>> for all accounts.)
> Uhmm, is there "broad agreement"? I beg to differ... I really don't see
> sssd inside of OS containers. Sorry.
>
> I also don't see sssd covering cases where /var is not around and where
> we can "disconnected" updates, the way Colin suggests.
>
> I also didn't see sssd in control of system users at all, but merely of
> normal users.

Right storing system users in ldap ( or in whatever centralized 
authentication system ) is bad idea and should never be done.
( think mixed OS environments and SAN's lun etc. )

JBG




More information about the devel mailing list