On 03/16/11 07:36, Jan Damborsky wrote:
Hi,

I would appreciate review of draft design
for unconfiguration of user/root account.

        Looks good to me.  I skimmed b and c as well.  Also
        a couple of comments.
        useradd in the current gate should be able to create
        zfs home directories and auto_mount maps by default.
        
        1265957 usermod add encrypted password needs to
        not take the password from the command line, or from
        an environment variable.  Both are technically violations
        of policy.  It can certainly read it from a read protected
        file.  root:root 600.

        While shadow(4) syntax is considered stable, the contents
        of the various fields is not -- and in general is not a
        stable interface.  We can certainly work through contents
        issues as need be.

        b, 10.2 exposes password values and contains primary
        administrator.  I presume this is out of date.

        We've talked about how to use pam_chauthtok() to do
        password qualification and hashing.  I've convinced
        myself that this should be straightforward if the
        installer can take the hash from a file written to
        a specified path.  The hard part is to present the
        user with a conversation if this is a GUI rather than
        a tty based interaction.

        In c, page 7 groupings:users I believe the same applies
        unless passwd(1) can be used.  And I thought that the initial
        user and root passwords were to be the same, root a role,
        and the initial user granted the root role.  The root password
        would be expired (passwd -r files -f root).

> 6.2 root account
> ----------------
> For root account, smf unconfigure method will
>
> * remove password hash from shadow(4) file
> (replace it with empty string)
>
> * change root to normal account if it was configured
> as a role.
        
        6.2 passwd -r files -d root should be used to delete the
        root password.  userattr type root will print role to
        stdout if root is of type role and exit 0, nothing and exit 1 if
        type is not an attribute of root.
        rolemod -K type=normal root will change root to a normal login
        account.

Cheers,
Gary..
_______________________________________________
caiman-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/caiman-discuss
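As an added illustration (not code from the thread or from the Caiman project), here is what the 6.2 root-account unconfigure step looks like as an SMF method script when it follows Gary's suggestions: delete the password with passwd(1) instead of editing shadow(4), and use userattr(1) and rolemod(1M) to detect and revert the role. It assumes the Solaris commands passwd, userattr and rolemod are in PATH and that the method is invoked with the argument "unconfigure".

```shell
#!/bin/sh
# Added example, not from the original thread. Assumes Solaris passwd(1),
# userattr(1) and rolemod(1M) are available.

root_is_role() {
    # userattr prints "role" and exits 0 when root is a role; it prints
    # nothing and exits 1 when "type" is not an attribute of root.
    t=$(userattr type root 2>/dev/null) || return 1
    [ "$t" = "role" ]
}

unconfigure_root() {
    # Delete the root password through passwd(1); the contents of the
    # shadow(4) fields are not a stable interface, so never edit the file.
    passwd -r files -d root || return 1
    if root_is_role; then
        # root was configured as a role: turn it back into a normal login
        rolemod -K type=normal root || return 1
        echo "root: changed from role to normal account"
    else
        echo "root: already a normal account"
    fi
}

# SMF method scripts receive the method name as their first argument.
case "$1" in
    unconfigure) unconfigure_root ;;
esac
```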