fedora-atomic discussion point: /usr/lib/passwd

Alexander Bokovoy abokovoy at redhat.com
Mon Apr 28 16:51:10 UTC 2014


On Mon, 28 Apr 2014, Simo Sorce wrote:
>On Mon, 2014-04-28 at 15:32 +0000, Colin Walters wrote:
>> On Fri, Apr 11, 2014 at 2:33 AM, Colin Walters <walters at verbum.org>
>> wrote:
>> > For the fedora-atomic work, the only not-in-Fedora package is
>> > shadow-utils because it requires a patch, that still lives in my
>> > walters/rpm-ostree COPR.
>>
>> I attempted to capture some of this discussion here:
>> https://bugzilla.gnome.org/show_bug.cgi?id=729118
>>
>> If anyone has more thoughts/ideas please feel free to follow up here,
>> and I can update the bug, or comment on the bug directly.
>
>I am still not convinced it is a good idea to split passwd in multiple
>files, besides potentially affecting applications and backup tools and
>custom scripts.
Just to make you aware, there are already schemes with shredded shadow
files, like TCB: http://www.openwall.com/tcb/

It stores a shadow file per each user and implements both NSS and PAM
modules to work with these files.

It is deployed for years in OpenWall, ALT Linux, and a number of other
distributions.

-- 
/ Alexander Bokovoy


More information about the devel mailing list