Subject: Re: Hesiod passwd entries and login classes -- don't seem to mix?
To: Greg Hudson <ghudson@MIT.EDU>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: tech-security
Date: 02/08/2000 11:19:19
Date: Tue, 8 Feb 2000 11:19:19 -0500
Cc: current-users@netbsd.org, tech-security@netbsd.org
Message-ID: <20000208111919.A18338@rek.tjls.com>
Reply-To: tls@rek.tjls.com
References: <B4C54236.2A12%gadams@avernus.com> <200002081514.KAA13682@small-gods.mit.edu>
In-Reply-To: <200002081514.KAA13682@small-gods.mit.edu>; from ghudson@MIT.EDU on Tue, Feb 08, 2000 at 10:14:20AM -0500

On Tue, Feb 08, 2000 at 10:14:20AM -0500, Greg Hudson wrote:
> > This sounds like a perfect use for the new login.conf mechanism,
> > using user classes.  Great!  But, from looking in
> > lib/libc/gen/getpwent.c (and from trying it), there seems to be no
> > way for libc to fetch the three new-style passwd fields via Hesiod.
> > getpwent assumes Hesiod entries are in the old passwd format.
> 
> Yeah, you're not the first one to want the new-style passwd fields in
> Hesiod (although you might be the second).  If the passwd map were in
> an extensible format, it would be more feasible.

Put me down as the third, then.

Though we have trouble here with people forging DNS responses.  If I
start using Hesiod I will also probably have to start using secure
DNS, to avoid nastiness like people's shells being 'overridden'.
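
The following is an added example, not part of the original message and not NetBSD's getpwent.c code. It parses a Hesiod passwd record in either the old 7-field layout or an assumed 10-field layout (master.passwd field order with class, change and expire; the thread says libc does not read this via Hesiod), and rejects any record whose shell is not on a local allowlist. The names hes_pw, hes_pw_parse and ok_shells are hypothetical and the sample data is constructed; the check limits what a forged response can set but does not authenticate it.

```c
#include <stdlib.h>
#include <string.h>

struct hes_pw {                 /* hypothetical record type for this example */
    char buf[256];              /* private copy of the TXT data, split in place */
    const char *name, *passwd, *pw_class, *gecos, *dir, *shell;
    long uid, gid, change, expire;
};

/* Constructed allowlist standing in for the host's /etc/shells. */
static const char *const ok_shells[] = { "/bin/sh", "/bin/csh", "/bin/ksh", NULL };

/* Strict non-negative decimal: rejects empty strings and trailing junk. */
static int num(const char *s, long *out)
{
    char *end;
    if (*s == '\0') return -1;
    *out = strtol(s, &end, 10);
    return (*end == '\0' && *out >= 0) ? 0 : -1;
}

/* Returns the field count seen (7 old, 10 new) or -1 if the record is rejected. */
int hes_pw_parse(const char *txt, struct hes_pw *pw)
{
    char *f[10], *p;
    int n = 0, i;
    if (strlen(txt) >= sizeof(pw->buf)) return -1;
    strcpy(pw->buf, txt);                   /* length checked above */
    f[n++] = p = pw->buf;
    while ((p = strchr(p, ':')) != NULL) {
        *p++ = '\0';
        if (n == 10) return -1;             /* more than 10 fields */
        f[n++] = p;
    }
    if (n != 7 && n != 10) return -1;
    pw->name = f[0]; pw->passwd = f[1];
    if (num(f[2], &pw->uid) || num(f[3], &pw->gid)) return -1;
    pw->pw_class = (n == 10) ? f[4] : "";   /* old format carries no login class */
    pw->change = pw->expire = 0;
    if (n == 10 && (num(f[5], &pw->change) || num(f[6], &pw->expire))) return -1;
    pw->gecos = f[n - 3]; pw->dir = f[n - 2]; pw->shell = f[n - 1];
    for (i = 0; ok_shells[i] != NULL; i++)  /* refuse shells the host does not list */
        if (strcmp(pw->shell, ok_shells[i]) == 0) return n;
    return -1;
}

int main(void)
{
    struct hes_pw pw;   /* constructed record in the assumed 10-field layout */
    return hes_pw_parse("alice:*:1001:100:staff:0:0:Alice:/home/alice:/bin/ksh", &pw) == 10 ? 0 : 1;
}
```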