Re: login capabilities mappings

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Egoitz Aurrekoetxea <egoitz [at] sarenet.es>
Cc: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Re: login capabilities mappings
Date: Tue, 25 Oct 2016 08:55:04 +0200

Hi Arthur,

Thanks a lot for your time. Understood :). I think I'll try to hack the code when I'll have some time for that :)

I'll keep you informed.

Best regards,

El 24/10/16 a las 21:39, Arthur de Jong escribió:

On Mon, 24 Oct 2016, Egoitz Aurrekoetxea wrote:

Is it possible through nss-pam-ldapd to be able to store which login class in FreeBSD a users belongs to, in OpenLDAP ?. I needed it for assigning different MAC labels to each user. The login capabilities in a login class to which a user belongs can be found in /etc/login.conf.

This is currently unsupported in nss-pam-ldapd. The NSS module sets the login class to an empty string.

This shouldn't be too difficult to add code-wise but it would mean the nslcd protocol (spoken between the nslcd daemon and NSS and PAM modules) would need to be extended or be system-specific (currently it is platform and architecture independant).

I'm also not sure about any commonly used LDAP schema for storing login class.

Kind regards,

Egoitz Aurrekoetxea

Departamento de sistemas

944 209 470
Parque Tecnológico. Edificio 103
48170 Zamudio (Bizkaia)

egoitz@sarenet.es

www.sarenet.es

Antes de imprimir este correo electrónico piense si es necesario hacerlo.

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
https://lists.arthurdejong.org/nss-pam-ldapd-users/

login capabilities mappings, Egoitz Aurrekoetxea
- Re: login capabilities mappings, Arthur de Jong
  - Re: login capabilities mappings, Egoitz Aurrekoetxea

Prev by Date: Re: login capabilities mappings
Next by Date: per pam service ldap config support?
Previous by thread: Re: login capabilities mappings
Next by thread: per pam service ldap config support?