Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How do std unix apps authenticate etc/passwd or etc/shadow?

>How do I tell standard unix packages what file to use to allow
>authentication if its NOT etc/passwd? For example neomail needs etc/passwd
>user authentication. We need a good webmail program for osx and neomail
>seems to handle attachments well.

Software shouldn't read /etc/passwd directly; they should use the standard
POSIX getpwnam() API (and friends) which will "do the right thing" in
terms of talking to other information services, such as NetInfo or LDAP.
In the case of OS X, getpwnam() talks to lookupd over Mach IPC, which then
(for NetInfo and LDAP) talks to DirectoryServices over IPC, which then
talks to the directory server.

Moreover, if they are just performing authentication, they should use
something like PAM; in the case of NeoMail, check out:

http://www.fazekas.hu/~sini/neomail_pam/

PAM is not available in a shipping version of OS X but it is in the current
Darwin tree, so one might reasonably expect it to be in a future version of
OS X. PAM provides a similar abstraction for authentication that the standard
POSIX API does for retrieving user, group, etc information. In the case of
OS X, PAM uses a bespoke module to talk to the SecurityServer, which then
performs the authentication (perhaps by talking to DirectoryServices).

-- Luke

--
Luke Howard | lukehoward.com
PADL Software | www.padl.com
_______________________________________________
macos-x-server mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/macos-x-server
Do not post admin requests to the list. They will be ignored.


Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.