On Thu, 2012-07-19 at 00:53 +0000, Steven Jones wrote: > Actually its pam....unless IPA is as well. > > Which makes sense then to have an application run < 500 so inherently it > cannot be logged into via ssh....
Well, it's possible to configure your system to allow logging in to users below 500, but it's not recommended. The real risk is of having system services with an ID that conflicts with a user.
Description: This is a digitally signed message part
_______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users