Search K
Appearance
Appearance
passwd
) User is looked up using getpwnam()
call, which usually looks into /etc/passwd
file, but depending on NSS authentication database configuration it may also look up the user from, e.g., LDAP database.
Most commonly used as a userdb.
The lookup is by default done in the auth worker processes. If you have only a small local passwd file, you can avoid having extra auth worker processes by disabling it:
userdb {
driver = passwd
args = blocking=no
}
It's possible to override fields from passwd and add userdb extra fields with templates, but it's done in a better way by using override_fields
.
For example:
userdb {
driver = passwd
override_fields = home=/var/mail/%u mail=maildir:/var/mail/%u/Maildir
}
This uses the UID and GID fields from passwd, but home directory is overridden. Also the default mail_location setting is overridden.
Many systems use shadow passwords nowadays so passwd doesn't usually work as a password database. BSDs are an exception to this, they still set the password field even with shadow passwords.
With FreeBSD, passwd doesn't work as a password database because the password field is replaced by a *
. But you can use passwd-file authentication database instead.