Path: utzoo!attcan!uunet!lll-winken!lll-ncis!helios.ee.lbl.gov!pasteur!ucbvax!ucsfcgl!genie!scooter
From: scooter@genie.UUCP (Scooter Morris)
Newsgroups: comp.unix.wizards
Subject: Re: Alternatives for Yellow Pages?
Message-ID: <747@genie.UUCP>
Date: 8 Jan 89 05:31:02 GMT
References: <6999@pyr.gatech.EDU>
Organization: Genentech Inc., South San Francisco, CA
Lines: 48

From article <6999@pyr.gatech.EDU>, by david@pyr.gatech.EDU (David Brown):
> Hi.  Over the past several months, I've read several articles from
> SysAdmins who said that they didn't use Yellow Pages on their networks.
> I can understand this: we use yp and it's a real pain sometimes.  What
> are some alternate ways to get similar effects?  (I want user x to be able
> to use his same username and password on all our machines, and when he
> changes it on any machine, I want that change propagated to all the others).

	We had the same problem, but because we weren't using NFS,
	Yellow Pages wasn't an option.  We have two VAXes running
	4.3bsd and have hacked in the remote file system (RFS)
	distributed over USENET a couple of years ago.  So, we wanted
	to have duplicate password files on both systems, and wanted
	to have any changes on one system to take effect immediately
	on the other system.  We also wanted to have no user visible
	changes, and wanted to only have to add users on one system
	(easy, huh?).

	So, we modified /bin/passwd so that insted of updating the
	password database directly, it sends a packet to a password
	daemon.  The password daemon (passwordd) updates the local
	database, and queues up the change to any other machines which
	are sharing the same uid scheme.  The changes are then sent
	over TCP to the password daemon on each of the other machines
	which, in turn, update their local databases.  Sounds
	complicated, but its actually quite easy and (so far)
	reliable.  We've been using this scheme for about 2 years.
	One added benefit of this is that because all updates are to
	the password database insted of /etc/passwd, the system is
	much more efficient.  /etc/passwd gets regenerated once every
	20 minutes if there's been any changes.  This seems more than
	ample for programs like finger which requires /etc/passwd.
	Another benefit, which I haven't implemented so far is the
	ability to exclude fields from /etc/passwd, like the password,
	for example.

	At any rate, alternatives to YP are available!  We will be
	porting this code this year to our new Silicon Graphics
	Irises, so I'll be able to report on the portability of this
	stuff in the (hopefully) near future.

					Scooter Morris
					Genentech, Inc.
					scooter@genie.gene.com

	P.S.  This stuff is available to anyone who wants it, but
	you'll need source to take advantage of it because of the
	changes to /bin/passwd.