libnss-mysql enables the following:
- System-wide authentication and name service using a MySQL database.
Applications do not need to be MySQL-aware or modified in any way.
- Storing authentication information in a database instead of text
- Creation of a single authentication database for multiple servers.
This is often referred to as the "Single Sign-on" problem.
- Writing data-modification routines (IE self-management web interface).
libnss-mysql is similar to NIS or LDAP. It provides the same centralized
authentication service through a database. What does this mean?
Username, uid, gid, password, etc comes from a MySQL database instead of
/etc/password, /etc/shadow, and /etc/group. A user configured in MySQL
will look and behave just like a user configured in /etc/passwd. Your
applications such as ls, finger, sendmail, qmail, exim, postfix, proftpd,
X, sshd, etc. will all 'see' these users!
libnss-mysql does not provide a PAM solution. While PAM
applications will still be able to authenticate users (using pam_unix),
they will not be able to update information, such as user passwords.
Linux, Solaris, and FreeBSD (5.1+) are currently supported.
The current version of libnss-mysql allows you to store your user
'passwd', 'shadow', and 'group' information. It does not currently
handle information like mail aliases, hosts, netgroups, etc.