[CalendarServer-dev] [PATCH] Name Service Switch (NSS) based
directory service
Guido Günther
agx at sigxcpu.org
Sun Apr 27 02:21:39 PDT 2008
Hi,
I finally got bored of synchronizing accounts.xml with the other user
and group databases, so I stitched together a simple NSS based user and
group lookup directory service that simply uses the users and groups
known to the system.
You can set a prefix for groups and ranges for uids/gids to make sure
system/admin users/groups don't end up having calendars. There's no
location and resource handling yet although we could handle this too,
but a proper LDAP interface might be more appropriate in that case.
This directory service is not doing any authentication since everybody
is doing Kerboeros anyways nowadays, so have fun! Pam would be possible
to stich in too - but you'll have to hack up python-pam a bit which
isn't worth it - so better get your KDC now!
This was tested on Linux but should work on any unix based system. I'd
be happy to adjust for other OSes if there are problems. The first patch
adds the directory service itself while the second adds the defaults to
twistedcaldav.config. Use:
twistedcaldav.directory.nss.NssDirectoryService
as DirectoryService and have a look at twistedcaldav.directory.nss for
the available options. The patche are at Ticket #271 in trac:
http://trac.macosforge.org/projects/calendarserver/ticket/271
Cheers,
-- Guido
More information about the calendarserver-dev
mailing list