[Adduser-devel] adduser rewrite

Marc Haber mh+adduser-devel at zugschlus.de
Sat Jan 6 14:56:28 CET 2007 

On Fri, Jan 05, 2007 at 08:12:59PM +0100, Davor Ocelic wrote:
> On Fri, 5 Jan 2007 10:40:30 +0100
> Marc Haber <mh+adduser-devel at zugschlus.de> wrote:
> > On Thu, Jan 04, 2007 at 11:59:54PM +0100, Davor Ocelic wrote:
> > > Recently we[1] had a need to add ldap/krb/afs support to adduser.
> > 
> > I am not sure whether it makes sense to have adduser write to other
> > user database backends. If you, for example, install a mysql server on
> > one system, is it desireable to have the mysql user created in ldap
> > where it starts to exist on all systems?
> 
> This is a matter of configurable policy.

Good.

> > I suspect that it will be exceptionally hard to write an adduser ldap
> > backend that will cover the needs of all installations using it.
> 
> Not really. The way I've thought about it, there would be something
> like /etc/adduser/add-user.ldif, which would be a template that
> can expand variables from adduser, and it would be configured to
> work with default debian ldap installation out of the box. If you modify
> ldap setup, then you would have to modify those ldif files too, of course.

I cannot comment about that since I do not have any remote clue about
ldap.

> > When doing your code, please think modular and define an interface
> > between main adduser and the "storage backend". Along this interface,
> > code responsibilities can be shared, and it would be possible to plug
> > in other backends.
> 
> Sure. As far as functions go, there's a set of common functions in the
> Common module.

Great. We seem to be on the same line then.

> > The first step would probably be defining that interface and modifying
> > existing adduser (including the "shadow/passwd" backend) to use it
> > before even thinking about ldap or other backends.
> 
> Yes, that's what I did and wrote in the previous e-mail. I currently more
> or less have all the features of the existing adduser working.

Would it be helpful for you to work in a branch in the adduser svn
repository? If so, I can grant your alioth account commit access.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835

More information about the Adduser-devel mailing list