on Fri, Dec 21, 2001 at 10:43:45AM -0800, cgd@broadcom.com wrote:
> At Fri, 21 Dec 2001 16:24:10 +0000 (UTC), xs@kittenz.org wrote:
> > What about a passwdfs, implemented in a similar way to portalfs? This could
> > be set up in a way such that a binary that does authentication doesn't
> > necessarily need to be s[gu]id or run as root.
> 
> and don't forget a localefs, etc. etc. etc.

oh sure, having a filesystem for somethings is insane. Making something
a filesystem to avoid making a dynamic library doesn't sound like a good
idea to me.

But a passwordfs was something I'd thought about before because it
seems to have some advantages in some situations, although is no
good in others. (eg, AFS as Jason pointed out)
I think hpux has something under /tcb like this, I don't know
if it was an actual filesystem though. (or of the negative experiences
people might have had with this)

> Plus then you put extra garbage into the kernel.  and also you've got
> the problem of needing the bloody FS mounted to do anything useful...

unless you fall back on /etc/{master.,}passwd and make passwordfs
optional.

I had originally thought of passwordfs as a layer of abstraction,
keeping /etc/{master.,}passwd present, fully working and up to date.

user_proc -> /pass/blah/blah -> mount_passfs -> /etc/spwd.db (or whatever)
          -> /pass/blah/blah -> mount_passfs -> kerberos,etc (could be done
                                                with bsdauth modules and/or
                                                pam..)
          -> (fall back on) /etc/spwd.db (or whatever)

I admit, looking at it now, it does seem over the top :)