Adding System Level Accounts from chroot-ed Apache?

roadoi asks: "I have a Web server which is running RHLinux 6.0 and Apache 1.3.9+PHP 3.0.12 in a chrooted environment. This machine also runs an ftp server which authenticates off of the main /etc/passwd file. I want to have the ability to add system level accounts from the Web server (by running a script, etc.) and have accounts added to the main /etc/passwd file rather than the cut down /etc/passwd file lying within the chroot environment. Accounts should be active immediately so polling a database or the like at regular intervals is out of the question. Is this at all possible?" I see why polling some file would be such a bad idea, but maybe some kind of solution could be arranged where a daemon could be set to watch a port for account data. This opens up very large can of worms, however and is probably not the best option. Does anyone have any better solutions?

Hard link?

[Coward,+Anonymous]

I haven't tried it, but I'd think that creating a hard link to /etc/passwd should work.

This is not a good idea

[pdlug]

Adding system level accounts in this way is a bad idea, it's insecure and if the program is not written carefully you can hose your passwd file. I would reccommend having it add users to a database or datafile. For ftp server authentication switch to a server like proftpd which has support for a variety of authentication types (and if it's not support it's easy to hack in since they have a module architecture that is clean and easy to work with). Or perhaps the ftp server can be forced through a configuration option to use a passwd file other than /etc/passwd, this might work out quite well.