Davor Ocelic <[EMAIL PROTECTED]> writes: > 1) Do hcoop and domtool users need USER.cgi and USER.mailfilter > principals (and everything that goes with them)?
No. I suppose we should add a flag to create-user for "non-human" accounts. > 2) User 'domtool' is dedicated to domtool; what does 'hcoop' user > serve for? No idea. Kinda curious. > 3) Why is nss-ptdb resolving AFS groups into usernames? If you have > AFS group "X" and type 'id X' on command line, it will resolve > X as a user... is this behavior generally wanted? Because I had stupidly put "ptdb" on the "groups" line in nsswitch.conf. This is fixed now. > 4) I implemented user/groups scheme for services as described in previous > mail, but groups are named SERVICE.service, not simply SERVICE. > (To prevent nss-ptdb resolving them as user names, as said above..) I really think we ought to discuss this. There's no need to prevent them from resolving if we don't go per-host. > 10) Adamc please tune permissions on and in /afs/hcoop.net/usr/hcoop/ . > If you want hcoop to own them, chown hcoop. If you want apache, > chown to www-data.service . Are we getting rid of /afs/hcoop.net/usr/ at some point? - a -- PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380 _______________________________________________ HCoop-SysAdmin mailing list [email protected] http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
