Caching support in authtool

Bug #104679 reported by Petr Ferschmann
Affects: authtool (Ubuntu)
Status: Confirmed
Importance: Wishlist
Assigned to: Unassigned
Milestone: (none)

Bug Description

Binary package hint: authtool

I haven't found where to send feature requests, so I am using this:

We are using LDAP for authentication even on laptops. We have quite a small LDAP database (< 100MiB) without Kerberos. Because a laptop needs to work even when offline or when connected to a network without internet access.

Using this in /etc/nsswitch.conf can lock up the computer sometimes (network problems):
passwd: files ldap
group: files ldap

Therefore we use this list of packages: libnss-ldap nss-updatedb (for LDAP auth we have these: libpam-ccreds libpam-ldap)

In /etc/nsswitch.conf I have this:
passwd: files db
group: files db

/etc/libnss-ldap.conf is configured as usual.

Every hour I run this program:
fping ldap.server && nss_updatedb ldap

It downloads the LDAP database to /var/lib/misc/ every hour. The configuration is read from this location by the NSS. The current package version of nss_updatedb has a problem when the LDAP server is not available - therefore the fping command.

The advantage is that it is always working.

For authentication we use ccreds to locally store the password and LDAP is not available to authenticate against it.

auth [user_unknown=ignore authinfo_unavail=ignore default=done] pam_unix.so nullok_secure
auth [authinfo_unavail=ignore success=1 default=2] pam_ldap.so use_first_pass debug
auth [default=done] pam_ccreds.so action=validate use_first_pass
auth [default=done] pam_ccreds.so action=store use_first_pass
auth [default=bad] pam_ccreds.so action=update use_first_pass

Changed in authtool:
importance: Undecided → Wishlist
status: Unconfirmed → Confirmed
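
The following is an added example, not part of the original report or of authtool: a simplified Python model of how Linux-PAM walks the auth stack quoted in the bug description, showing which pam_ccreds action runs when LDAP answers, rejects the password, or is unreachable. The module return values are constructed inputs, and the model assumes a numeric jump leaves the running status unchanged.

```python
import re

# The auth stack exactly as quoted in the report.
STACK = """\
auth [user_unknown=ignore authinfo_unavail=ignore default=done] pam_unix.so nullok_secure
auth [authinfo_unavail=ignore success=1 default=2] pam_ldap.so use_first_pass debug
auth [default=done] pam_ccreds.so action=validate use_first_pass
auth [default=done] pam_ccreds.so action=store use_first_pass
auth [default=bad] pam_ccreds.so action=update use_first_pass
"""

def parse(stack):
    """Return a list of (module label, {return value: action}) entries."""
    entries = []
    for line in stack.splitlines():
        controls, module, args = re.match(r"auth \[(.*?)\] (\S+) ?(.*)", line).groups()
        action = re.search(r"action=(\w+)", args)
        label = module[:-3] + (":" + action.group(1) if action else "")
        entries.append((label, dict(c.split("=") for c in controls.split())))
    return entries

def authenticate(results, stack=STACK):
    """Walk the stack. results maps a module label to its (constructed) return
    value; unlisted modules return "success". Returns (status, modules run)."""
    entries, ran, impression, status, i = parse(stack), [], None, "success", 0
    while i < len(entries):
        label, controls = entries[i]
        ret = results.get(label, "success")
        action = controls.get(ret, controls["default"])
        ran.append(label)
        i += 1
        if action.isdigit():              # skip the next N modules
            i += int(action)
        elif action in ("ok", "done"):    # counts unless a failure is recorded
            if impression is None or (impression == "+" and status == "success"):
                impression, status = "+", ret
            if action == "done" and impression == "+":
                break
        elif action in ("bad", "die"):    # the first failure fixes the result
            if impression != "-":
                impression, status = "-", ret
            if action == "die":
                break
        # "ignore" leaves impression and status untouched
    if status == "success" and impression != "+":
        status = "perm_denied"            # nothing positively granted access
    return status, ran
```

For an LDAP-only account (pam_unix returns user_unknown), a reachable server leads to the store action, an unreachable one to validate against the cached credential, and a rejected password to update followed by a denied login.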