SUMMARY:Use database format of password file.

From: Wong Horn Lim (hlwong@asiapac.net)
Date: Thu Feb 05 1998 - 19:56:25 CST


Hi all,
  Sorry for the post, I have found the solution from
the archive. But I do face the same problem like Joel Turoff
since my server is connected to internet, and would like
to have a more secure way to implement it.

Horn Wong
hlwong@asiapac.net

  My original post :

>Hi all,
>
> I have a Sun Ultra 2 machine running Solaris 2.5.1, is that
>possible to make my sun server using database format(dbm or gdbm) of
>password file and not using /etc/passwd and /etc/shadow ?
> And also whenever a new user is created, or user changing
>password, it will update the password db automatically.
>
>
>Thanks.
>
>
>Horn Wong
>hlwong@asiapac.net
>

and the summary :

Sender: sun-managers-relay@ra.mcs.anl.gov
X-Sender: turoff@disaster.com
X-Mailer: Windows Eudora Pro Version 3.0 (32)
Date: Fri, 09 Jan 1998 10:52:05 +0000
To: sun-managers@ra.mcs.anl.gov
From: Joel Turoff <turoff@disaster.com>
Reply-to: Joel Turoff <turoff@disaster.com>
Followup-to: Joel Turoff <turoff@disaster.com>
Subject: SUMMARY: How to create a database of /etc/passwd file

Greetings!

First, thanks to the following for their help:

Dave McFerren <davem@solve.net>
CHENTHIL KG <chenthil@mtcts1.mt.lucent.com>
Dave McFerren <davem@solve.net>
Eugene Kramer <eugene@uniteq.com>
Jacques Beigbeder <Jacques.Beigbeder@ens.fr>
Tim Carlson <tim@santafe.edu>
"DJEVANS.AU.ORACLE.COM" <DJEVANS@au.oracle.com>
Bob Radvanovsky <i3cs@wwa.com>
parpae@jgbdev.fi.gs.com (Emy Parparita)
"Karl E. Vogel" <vogelke@c17mis.region2.wpafb.af.mil>
Geoff Weller <GeoffW@bs.cs.odu.edu>
Bob Bridgham <robbie@b-e-s-t.com>
"Ade E Oyeyemi"<oyeyemi_ade@jpmorgan.com>
<dinor@corsair.com>

Here's my original post:

I am looking for information on how to generate a binary database of the
/etc/passwd and /etc/shadow files to speed up lookups when users login, pop
their email, etc.

AIX has a nice command called 'mkpasswd' which generates a passwd.dir and
passwd.pag file for efficient searches.

Anyone know of a similar program for Solaris.

Thanks.

Responses:

Most people recommended using the "makedbm" program to generate NIS style
password databases. This appears to be the standard Solaris solution to
this problem.

But the servers I want to create database password files on are Internet
servers, and the CERT Organization strongly recommends *NOT* using NIS or
NIS+ on any server directly connected to the Internet, which I agree with.
Also, it would be necessary to rewrite all the programs that consult the
password file so that they looked at dbm databases.

Our main problem was with users checking their email accounts.
Consequenly, what we are going to try is to re-write popper so that it can
check dbm databases created with the makedbm command. I'd be very
interested to hear from anyone out there who has done this.

Karl Vogel also introduced me to an interesting suite available on the
Internet that others might find useful for this type of project:

   "You can get DBM password file stuff in the shadow login suite by John
   Haugh. Two places to look:

        Host ab20.larc.nasa.gov
            Location: /usenet/comp.sources.misc/volume26
              DIRECTORY drwxrwxr-x 512 Nov 26 04:41 shadow
 
        Host gatekeeper.dec.com
            Location: /pub/comp.sources.misc/volume26
              DIRECTORY dr-xr-xr-x 512 Dec 15 13:42 shadow"

Thanks everyone!

Joel



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:30 CDT