> kvm is really the wrong way to do identd, or nearly anything.

I'm mostly inclined to agree with you, with the (possible) exception of
kernel coredump groveling.  (Indeed, this is one of the (few) big
advantages of kvm: the API is identical regardless of whether you're
talking to a kernel coredump or a live system.)

As for identd, I'm not convinced it's a useful tool for kernel
coredumps.  Thus, a somewhat off-the-wall suggestion, which please feel
free to rave about or rave at as you please :-)....

AF_KERN sockets.

As in, to invent an API,

int identd_lookup(int port1, int port2)
{
	int p[2];
	int uid;
	static int s = -1;

	/* error checking omitted for brevity/clarity */
	if (s < 0) s = socket(AF_KERN,SOCK_DGRAM,KSOCK_IDENT);
	p[0] = port1;
	p[1] = port2;
	write(s,&p[0],2*sizeof(int));
	read(s,&uid,sizeof(int));
	return(uid);
}

The kernel implementation would presumably demand root access.

					der Mouse

			       mouse@rodents.montreal.qc.ca
		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B