Vitalnix : User Management Suite
  manual v1.90.5.2

Description

This section describes the idea behind Vitalnix and the Unified Account Database.

Intention

Daxtraq was written in 1996 to help adding and deleting a bunch of users. (The first time, it was 1200 users, then about 200 every consecutive year.) It used direct file operations until 2003, when LDAP (or a hook for LDAP) was requested. So the design of Daxtraq ought to change to support multiple backends. It turned out to be better to modularize and separate certain parts, so it was split up into libaccdb and Daxtraq.

Default state

The following image shows what a default today's system would look like, including Daxtraq < v1.90.3.x (which did not have ACCDB), though, which is already capable of handling more than one backend.


Colors: red = write :: yellow = programs :: green = write :: cyan = abstraction layer :: blue = abstraction code :: magenta = system libraries

Green and red arrows denote the flow of data (read and write). As you can see, the scene is really cramped. Every user database has its own, clearly separated region with its own access functions and programs. Other programs might even not use libc's password functions at all and directly access /etc/passwd. There are various reasons for that. (Daxtraq actually used perlio/stdio since the very beginning...)

Contra libc

Pro ACCDB

Future Daxtraq/ACCDB state

The next image shows the state strived for.


Colors: red = write :: yellow = programs :: green = write :: cyan = abstraction layer :: blue = abstraction code :: magenta = system libraries

The image shows programs which all use an abstraction layer which modules do provide. The modules then do the necessary database and I/O operations depending on what the database system is. One ACCDB back-end might use two others (Migration Service in the image), another might separate two groups across two servers/networks and writes an extra copy to a backup server.

getpwent() re-entrancy problem example

#include <sys/types.h>
#include <pwd.h>
#include <stdio.h>

int main(void) {
  struct passwd *r;
  while((r = getpwent()) != NULL) {
    printf("r=%p, r->pw_name=%s\n", r, r->pw_name);
  }
  return !1;
}

You will see that r is the same all the time, indicating that a static buffer is used.


November 14 2003