Need help for a python project
Gerhard Häring
gh at ghaering.de
Tue May 13 17:41:21 EDT 2003
Squeeze wrote:
> Hi guys !
Hi, anonymous coward! [1]
> I know you read something like a hundred post a day and you might be tired
> of long thread, so I'll try to be short :
> I'm to write a mini web-based administration tool, and since I fell in love
> with Python some weeks ago, I really would like to use it.
> The tool is supposed to manage the users and groups of a distant unix
> server, à la Webmin, working with Apache, and MySql (if needed).
MySQL is hardly ever needed :-P
> But Im kinda stuck : I don't know where to start actually ... I know it's
> related with something to do with /etc/passwd, but I badly lack experience
> of this kind of thing....
There are many ways to solve your problem. Unix is quite powerful in
this regard. That's why there are so many ways to shoot yourself in the
foot, too. Your project is an excellent opportunity to blow your foot
off :-) It's easy to create lots of security problems by solving this
task. I'd recommend you let it review by a Unix-savvy colleague.
You could interface the 'passwd', 'adduser' and 'deluser' executables.
This utility will have to run as user root, of course.
If I were you, I'd grab the opportunity and learn about PAM (Pluggable
Authentication Modules). I don't know much about them myself, but I do
know that it's possible to store user/password/etc. information in a
database instead of /etc/passwd|/etc/shadow using PAM.
You could then use a MySQL backend for PAM (or PostgreSQL, or a Berkeley
database, or LDAP, or whatever else pleases your heart).
> It's my first job, and I really don't wanna disapoint my job, if you know
> what I mean, so any hints, advice, or help would be looooved.
Try PAM + a database. I honestly think it's your best option.
> Or maybe you know some open source project where I might find ideas on how
> to start ?
>
> Help me Obi-Wan Kenobi. You're my only hope.
-- Gerhard
[1] I, for one take people more seriously if they post under their real
name. It's probably a cultural thing.
More information about the Python-list
mailing list