LDAP, PostgreSQL Access Control Database
I had started another thread relating to pam_pgsql access control to specific services. I mentioned that it does not support groups (although looking at the code I think any reasonable UNIX hacker could add it [i'm just a hack, not a hacker]). pam_ldap DOES support groups, however (er, I think it does anyway). The thing I don't like about LDAP is that I don't know much about how easy it is to administer an LDAP tree through a web interface. I also don't like having 5 different database systems on my machine if I can help it. I've heard it's possible to setup LDAP to use Postgres in the backend but that it could be difficult at times. Soliciting comments or ideally an offer for someone to add groups support to pam_pgsql...
My main goal is to control access to 5 services, A-E. user X could acces services A, B and E while user Y could access services A, C, and D. Get it? Maybe I'm going the completely wrong route.