[80] in Hesiod

How can hesiod handle inconsistent passwd information?

daemon@ATHENA.MIT.EDU (Dan Sorak)
Mon Mar 16 12:00:37 1992

From: sorak@dimsum.eng.hou.compaq.com (Dan Sorak)
To: hesiod%Athena.MIT.EDU@twisto.eng.hou.compaq.com
Date: Mon, 16 Mar 92 10:54:56 CST

Let me get more specific.  Has anyone run into the problem of serving hesiod
information to a network that has different "home" paths for the same user on
different machines?  For example, the passwd entries from the two machines
are as follows:

	on machine A: sorak:*:123:456:Dan Sorak:/home/sorak:/bin/csh
						^^^^^^^^^^^
	on machine B: sorak:*:123:456:Dan Sorak:/home1/sorak:/bin/csh
						^^^^^^^^^^^^

	NOTE: Machine B still has a /home directory, but it was too full,
	      so another disk was added...

Let me put a few restrictions on the possible answers.  First of all, it is not
feasible to create different domains.  The number of users and the combination
of different home accounts on a per-machine/per-user basis on our network make
this incredibly unwieldy (we have over 400 machines to administer).

We have considered sending the client an "exception list" in the same packet
as the passwd information.  A majority of users are in /home, so we would
pass across a list of exceptions along with the /etc/passwd line and let
the client machine look through the list for its own entry.  If an exception
entry is found, the client would replace the "home" field with the new
information (otherwise it would use the default provided in the original
passwd line).  Unfortunately, this is also impossible due to the limited
amount of information that can be passed in a single request (the exception
list is too long).

Our only other recourse (other than forcing everyone to have a single,
consistent login point everywhere on the network) is to create a separate
hesiod service that provides the different "home" information to every
machine/user pair.  This is also ugly because we have now doubled the
amount of network traffic for every passwd lookup. 

Ideally, it would be up to the nameserver to make the distinction as to which
machine it was talking to and then serve up a different entry depending upon
that information.  Unfortunately, that code is not part of named, nor do we
wish to modify the sources.

So, there you have it...  Those are the solutions we looked at.  If anyone out
there has any better ideas/solutions/implementations, please let me know...

-- 
Dan Sorak					Compaq Computer Corporation
Systems Programmer				MS 050701
sorak@compaq.com				20555 S.H. 249
(713) 378-7152					Houston, TX  77070
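
The "exception list" scheme described in the message above, sketched as an added example (not part of the original post and not Hesiod code). The record layout, the host names and the 255-byte record limit are assumptions made for illustration; the client also rejects an override that would corrupt the colon-separated passwd fields.

```python
# Added example: the "exception list" scheme from the post, not Hesiod code.
# The record layout  <passwd line>|<host>=<home>,<host>=<home>,...  and the
# 255-byte limit (one DNS TXT character-string) are assumptions made here.
MAX_RECORD = 255


def encode_record(passwd_line, exceptions):
    """Server side: append per-host home overrides to the passwd line."""
    record = passwd_line
    if exceptions:
        pairs = ",".join(f"{h}={p}" for h, p in sorted(exceptions.items()))
        record += "|" + pairs
    size = len(record.encode())
    if size > MAX_RECORD:
        raise ValueError(f"record is {size} bytes, limit {MAX_RECORD}")
    return record


def valid_home(path):
    """Reject overrides that could corrupt the colon-separated passwd line."""
    return path.startswith("/") and not any(c in path for c in ":,|\n")


def resolve_passwd(record, hostname):
    """Client side: return the passwd line with this host's home applied."""
    passwd_line, _, exc = record.partition("|")
    fields = passwd_line.split(":")
    if len(fields) != 7:
        raise ValueError("malformed passwd line")
    for pair in filter(None, exc.split(",")):
        host, _, home = pair.partition("=")
        if host == hostname:
            if not valid_home(home):
                raise ValueError(f"bad home override for {hostname!r}")
            fields[5] = home  # field 6 of passwd(5) is the home directory
            break
    return ":".join(fields)


# Constructed sample data, based on the two entries quoted in the post.
DEFAULT_LINE = "sorak:*:123:456:Dan Sorak:/home/sorak:/bin/csh"

if __name__ == "__main__":
    rec = encode_record(DEFAULT_LINE, {"machine-b": "/home1/sorak"})
    print(resolve_passwd(rec, "machine-a"))  # no entry: default home kept
    print(resolve_passwd(rec, "machine-b"))  # entry found: home replaced
    try:  # 400 hosts with exceptions no longer fit in one record
        encode_record(DEFAULT_LINE, {f"host{i:03d}": "/home1/sorak" for i in range(400)})
    except ValueError as err:
        print("too large:", err)
```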
