On Friday 3 March 2006 14:54, Greg Troxel wrote:
> 0) Declare invariants/rules that:
>
> accounts on the box are in 3 categories
>
> unix-only: primary gid != svusers, svusers is not in secondary gids
>   shell must not be the savane restricted shell.
>   must not be in any tables as a savane user, or project groups.
>   savane must never write to homedir or change anything.
>
> savane-only: primary gid is svusers
>   shell must be the restricted shell.
>   normal savane user stuff.
>
> savane-unix-both: primary gid != svusers, svusers in secondary gids
>   shell must not be the restricted shell.
>   savane must not write to home dir.
>
> savane should perhaps not let the user register ssh keys
> and instead say "[managed by real account]" or something like
> that. Currently they seem to get registered and ignored.
>
Actually, one can configure savane to use the usual shell, not specifically the savane restricted shell. So we can hardly make assumptions about the selected shell.

Also, it would be hard (but feasible) to have the interface know whether an account is in the svusers group, because we cannot assume that the interface runs on the same server as the one that provides shell access. (We'd recommend avoiding this, for security reasons, and having at least both systems in separate chroots.)

> So this implies, in order that all savane ops preserve the invariant:
>
> Refuse to create an account if a Unix account is already present
> unless the account is in the svusers group and the primary gid is
> something else. Send an email to the unix account and the admins
> with such failed attempts, pointing out that they should add
> svusers as a secondary gid for the user if they wish to allow this.

That's right; at least in the logs, the admins should be warned that there is a name clash between a previously existing unix account and a savane account. Sending a mail each time would surely make the people who do not wish to allow this mad.

Silently ignoring the problem, as is done now, is indeed baffling, as you experienced.

Finally, this would be usefully documented in the Savane Doc project PDFs.

Regards,

--
Mathieu Roy
+---------------------------------------------------------------------+
| General Homepage: http://yeupou.coleumes.org/ |
| Computing Homepage: http://alberich.coleumes.org/ |
| Not a native english speaker: |
| http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english |
+---------------------------------------------------------------------+

_______________________________________________
Savane-doc-dev mailing list
[email protected]
https://mail.gna.org/listinfo/savane-doc-dev
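As an added illustration (not Savane's code, and not from either poster), the invariant discussed above written as a check: it sorts accounts into Greg's three categories from passwd/group data, using only the primary gid and svusers membership since Mathieu notes the shell cannot be assumed, and applies the refuse-on-clash rule with a log warning rather than a mail. The passwd/group lines are constructed sample data; only the svusers group name comes from the thread.

```python
import logging
SVUSERS = "svusers"  # group name used in the thread

# Constructed sample data in /etc/passwd and /etc/group format (not real accounts).
PASSWD = """\
alice:x:1001:1001:Alice:/home/alice:/bin/bash
bob:x:1002:2000:Bob:/home/bob:/bin/sh
carol:x:1003:1003:Carol:/home/carol:/bin/zsh
"""
GROUP = """\
svusers:x:2000:carol
alice:x:1001:
carol:x:1003:
"""

def parse_passwd(text):  # user name -> primary gid and login shell
    users = {}
    for line in text.splitlines():
        if line.strip() and not line.startswith("#"):
            name, _pw, _uid, gid, _gecos, _home, shell = line.split(":")
            users[name] = {"gid": int(gid), "shell": shell}
    return users

def parse_group(text):  # group name -> gid and explicit (secondary) member set
    groups = {}
    for line in text.splitlines():
        if line.strip() and not line.startswith("#"):
            name, _pw, gid, members = line.split(":")
            groups[name] = {"gid": int(gid), "members": set(filter(None, members.split(",")))}
    return groups

USERS, GROUPS = parse_passwd(PASSWD), parse_group(GROUP)

def classify(user, users=USERS, groups=GROUPS):
    """Greg's three categories, or None if no Unix account of that name exists (shell ignored)."""
    entry = users.get(user)
    if entry is None:
        return None
    if entry["gid"] == groups[SVUSERS]["gid"]:
        return "savane-only"
    return "savane-unix-both" if user in groups[SVUSERS]["members"] else "unix-only"

def may_create_savane_account(user, users=USERS, groups=GROUPS):
    """Refuse a clash with a Unix account unless it is savane-unix-both; log the clash, do not mail."""
    category = classify(user, users, groups)
    if category in (None, "savane-unix-both"):
        return True
    logging.getLogger("savane").warning("savane account %r clashes with a %s unix account; "
                                        "add %s as a secondary gid to allow it", user, category, SVUSERS)
    return False
```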
