Re: FreeBSD

[Christian Brueffer <chris@unixpages.org>]

On Thu, 14 Mar 2002 22:51:43 +0100
Ede Wolf <listac@nebelschwaden.de> wrote:

> Dan Melomedman wrote:
> > I don't know how FreeBSD can do it, but PAM under Linux is a dirty hack. 
> > Try to do it without PAM on FreeBSD (if FreeBSD even supports PAM) 
> > first. Also, I've heard of NIS-to-LDAP gateways used for this purpose.
> 
> If I'm not mistaken, FreeBSD as of Version 4.x (or earlier) does not 
> support the name service switch facility in its libc. So you won't be 
> able to use nsswitch-ldap nor will it be ported due to above reason.
> Likely to change with 5.x, but that still has a long way to go

Some time ago, I was trying to do the same. It`s true, there is no NSS in FreeBSD
yet, although the is someone working on a version for the 5.0 release.
You can still use OpenLDAP for auth, but it`s quite dirty and would involve some
scripting. Depending in how many users you want to authenticate, it would be hell slow too.

Write a script that extracts the user data from the LDAP Server and creates a master.passwd
file from it and runs pwd_mkdb afterwards.
Put that script into /usr/local/etc/rc.d and it should work (don`t quote me on that though, haven`t
tried it myself ;) )

You could also take a look at www.easyldap.org, which is supposed to work too (tried it myself,
but couldn`t get it to run, probably my fault)

> 
> P.S.: FreeBSD does support and use PAM by default. Not too sure, but I 
> believe its a ported version of Linux-pam.
> 

FreeBSD uses OpenPAM, which is not linux specific (if they used the linux version, it
would be GPLed and therefore not suitet for inclusion into the FreeBSD base install)

Christian

-- 
http://www.unixpages.org			chris@unixpages.org
GPG Pub-Key    : www.unixpages.org/cbrueffer.asc
GPG Fingerprint: 0DB5 8563 2473 C72A A8D1  56EA DAD2 B05D 5F3C 3185
GPG Key ID     : DAD2B05D5F3C3185