Coda File System

Sign-once system on Coda+Kerberos

From: M.Kondrin <mkondrin_at_hppi.troitsk.ru>
Date: Thu, 30 Sep 2004 08:34:52 -0700
Hello!
I am quite new to Coda and now I am investigating the possibility of 
implementing "sign-once system" with Coda+Kerberos on Linux worksattions.
First I want to thank for "Kerberos & Coda - Setup Instructions?" topic 
(from Jan Harkes, Ivan Popov, Jorge-Lean) - it was of great help to me 
after a week of trying to make Coda to work along with Kerberos.
The point is : so now we have all authentications done in one place (in 
Kerberos). But still we need two user/uid database (first one intrinsic 
to Coda and another in realm-wide user database), in other words - the 
authorization still needs to be done differently. Suppose this "another" 
(realm-wide)  database is implemented wthrough ns-switch with hesiod 
backend (or any other backend - nis,ldap and friends). So we still have 
to keep on synch-ing coda users' database with NSS-one. Wouldn't it be 
possible to make Coda to get its users through ns-switch (instead of 
"pdbtool" one)?

This would have one more side-effect. While I was trying (the "feedback 
from joeuser" case) to setup coda on my home workstation, it takes me 
quite a long time to learn that the default password for "admin" Coda 
user is "changeme". Wouldn't it be better in default case to have Coda 
to read its users from /etc/passwd - /etc/shadow files (while keeping in 
mind that lately it can be changed) to make things somethat easier to 
newcomer?
Thank you in advance.
Received on 2004-09-29 08:24:18