diff options
author | Menno E. Duursma <druiloor@zonnet.nl> | 2010-05-11 14:56:23 +0200 |
---|---|---|
committer | Michiel van Wessem <michiel@slackbuilds.org> | 2010-05-11 14:56:23 +0200 |
commit | fa5d40c6c9310fcc68552d49057e8c00b483c818 (patch) | |
tree | 085ac88cb536699e2e1e4abb0a1a4fa66c92049f /libraries/nss-mysql/README | |
parent | 692b814b6acff1ddb46058a8846e3724f579ce9e (diff) | |
download | slackbuilds-fa5d40c6c9310fcc68552d49057e8c00b483c818.tar.gz slackbuilds-fa5d40c6c9310fcc68552d49057e8c00b483c818.tar.xz |
libraries/nss-mysql: Initial import
Diffstat (limited to 'libraries/nss-mysql/README')
-rw-r--r-- | libraries/nss-mysql/README | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/libraries/nss-mysql/README b/libraries/nss-mysql/README new file mode 100644 index 0000000000..9f48ffb1d5 --- /dev/null +++ b/libraries/nss-mysql/README @@ -0,0 +1,41 @@ +The NSS-MySQL name service switch library + +libnss_mysql retrieves user account information from a MySQL database server. +Per default stored in /etc/{group,passwd,shadow} on Unix-like systems. Which +(partly) is similar in functionality to NIS, LDAP, RADIUS, Hesoid, winbindd + +When used over a remote-network uttermost care should be taken in the security +of this (such as TLS/SSL encripting the connection) and even then storing any +valid password for such 'virtual' users is probably a bad idee in itself. + +Kerberos provides for far superior single-sign-on autentication system (the +'shadow' part in these kinds of systems) both in performance and security. + +On to the good stuff :-) +To get this working (locally) login to the database server, presuming that +it is running; otherwise read /etc/rc.d/rc.mysqld first; to make the DB: + +# mysql -uroot -p +> CREATE DATABASE nss_mysql; + +After this is done it has to be populated with the user tables; there is +an example for them is provided in /usr/doc/nss-mysql-<version>/sample.sql + +You can copy that to say /tmp , (probably) edit it some and insert it with: + +# mysql -uroot -p -D nss_mysql < /tmp/sample.sql + +After this is done create the 'nss' and 'nss-shadow' database users with +statements such as the ones found in /usr/doc/nss-mysql-<version>/SHADOW +And make sure the passwords for them in /etc/nss-{mysql,mysql-root}.conf +are the same ... + +Now edit your /etc/nsswitch.conf to look like the -mysql and try the commands + +getent passwd +getent shadow + +Which should list the users pulled from mysql! +( Otherwise have a look at 'tail /var/log/syslog' - for hints to fix it). + +-Menno. |