# # This is an example configuration file for the nss-mysql library # You CANNOT put 2 assignments on the same line. # # All assigments must have this form # [users,groups].parameter = value; # # NOTE: [users,groups].parameter =; makes parameter empty (valid) # # All errors will be reported in your auth log # # All default values match sample.sql. Read it if you don't understand # the role of a parameter. # # If you are still lost, write to nss-mysql-users@mail.freesoftware.fsf.org # # # Configuration file upgrade instructions: # # From an unumbered configuration file (without a conf.version line) # To conf.version = 2 # # - Replace ALL field names by fully qualified field names. For instance # if you have # users.uid_column = uid; # replace it with # users.uid_column = user.uid; # provided "user" is the table name. # # - Add a # conf.version = 2; # line somewhere in this file so that the parser is aware that # you took care of the conversion. # # # Configuration file version # conf.version = 2; ### DB Access # host: database host # Accepted forms: # 1) inet:host:port or unix:socket (recommended) # 2) inet:host (port will be 3306) # 3) host:port (inet socket will be used) # 4) host (inet socket on port 3306 will be used) users.host = inet:localhost:3306; # database: database name # This database MUST contain all the columns mentionned in this file users.database = nss_mysql; # db_user: database user # it must have the right to select all columns mentionned in this file users.db_user = nss; # db_password: password of db_user # Can be empty users.db_password = mAip2sFxXJcw; # backup host # A backup MySQL server # Can be empty users.backup_host = inet:backup:3306; # The following parameters work just like # the main server's. They can be empty. # If some are and secondary_host is not, # the corresponding value for the main # server will be used users.backup_database = nss_mysql_backup; # users.backup_db_user = nss; # users.backup_db_password = mAip2sFxXJcw; ### USERS ### This is the user configuration part # table: table containing all the following users.fields users.table = user; # where_clause: a clause that user must respect to be considered valid. # It is useful to enable only some users of your database. # All fields must be fully qualified, i.e. written as table.field # Can be empty users.where_clause = user.status = 'A'; # user_column: column containing the UNIX usernames # The field name must be fully qualified, i.e. written as table.field users.user_column = user.user_name; # password_column: column containing the users' passwords # This is only used if you have disabled shadow support # (not recommended) # The field name must be fully qualified, i.e. written as table.field users.password_column = user.password; # userid_column: should be the PRIMARY KEY of the table # This information is used as a FOREIGN KEY in groups.members_table # The field name must be fully qualified, i.e. written as table.field users.userid_column = user.user_id; # uid_column: column containing the users' UNIX uid # If you don't have such a column, you can use something like # users.uid_column = user_id + 2000; # The field name must be fully qualified, i.e. written as table.field users.uid_column = user.uid; # gid_column: column containing the GID of users' default group # If you don't have such a column, you can use something like # users.gid_column = 100; # The field name must be fully qualified, i.e. written as table.field users.gid_column = user.gid; # realname_column: column containing the users' realname # If you don't have such a column, you can use something like # user.realname_column = ""; # or # users.realname_column = "luser"; # :-) # The field name must be fully qualified, i.e. written as table.field users.realname_column = user.realname; # homedir_column: column containing the users'homedir # If you don't have such a column, you can use something like # user.homedir_column = concat('/home/',user_name); # The field name must be fully qualified, i.e. written as table.field users.homedir_column = user.homedir; # shell_column: column containing the users'shell # If you don't have such a column, you can use something like # user.shell_column = "/bin/sh"; # The field name must be fully qualified, i.e. written as table.field users.shell_column = user.shell; # This is the groups configuration part # This is only used if you have enabled the group support # group_info_table: table containing group_name_column,groupid_column # and gid_column groups.group_info_table = groups; # where_clause: a clause that a group must respect to be considered valid. # It is useful to enable only some groups of your database. # Can be empty # All fields must be fully qualified, i.e. written as table.field groups.where_clause = groups.status = 'A'; # group_name_column: column containing the UNIX group names # The field name must be fully qualified, i.e. written as table.field groups.group_name_column = groups.group_name; # groupid_column: should be the PRIMARY KEY of the table # This information is used as a FOREIGN KEY in groups.members_table # The field name must be fully qualified, i.e. written as table.field groups.groupid_column = groups.group_id; # gid_column: column containing the UNIX GID of the groups # If you upgrade from 0.22 and older, you can keep the old behavior using # something like the following: (2000 would be your old first_gid) # groups.gid_column = 2000+group_id # This is useful too if you do not have a GID column in your database # The field name must be fully qualified, i.e. written as table.field groups.gid_column = groups.gid; # password_column: column containing the UNIX password of the groups # # The name of this column MUST BE different from ANY columns defined # in user.table and groups.members_table # # If you don't have such a column, you should use something like # groups.password_column = "x"; # The field name must be fully qualified, i.e. written as table.field groups.password_column = groups.group_password; # members_table: table containing member_{userid,groupid}_column. # This reproduce /etc/group role by using SQL JOIN. # See sample.sql if you don't understand what I(it) mean(s) # The field name must be fully qualified, i.e. written as table.field groups.members_table = user_group; # member_{userid,groupid}_column # FOREIGN KEYS of users.user_id and groups.group_id # for each row, user represented by its user_id a member # of the group represented by its group_id # The field name must be fully qualified, i.e. written as table.field groups.member_userid_column = user_group.user_id; # The field name must be fully qualified, i.e. written as table.field groups.member_groupid_column = user_group.group_id;