Re: [OpenIndiana-discuss] Solaris 11 is out - so?
On 11/11/11 15:56, Harry Putnam wrote: sol11 will not let you chose your own passwd for root if it doesn't have either a number or special char in it. Yes, passwd/PAM now enforces the password strength checks for root as it has always done for normal users. See passwd(1) & pam_authtok_check(5) for details. -- -Alan Coopersmith-alan.coopersm...@oracle.com Oracle Solaris Platform Engineering: X Window System ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] Solaris 11 is out - so?
Alan Coopersmith writes: >> It appears to no longer even be possible to circumvent the suggested >> usage of root account and allow root logins. >> >> Anyone know for sure if it is still possible to enforce an old >> fashioned root account with regular login access? If so how might it >> be done? >> >> On oi its no harder than `rolemod -K type=normal root' and then allow >> root login in /etc/ssh/sshd_config. >> >> That does not work on sol11. Even editing /etc/ssh/sshd_config, there >> appears to be some extra editing needed on involving pam. > > That's two different things there - one is allowing root to login as an > account directly, the other is allowing login via ssh, which wasn't > allowed by default in Solaris 9 or 10 with a normal root account either. Yes, I knew that, yet still managed to confuse them together. After making both edits...I was not able to ssh to root, and from there got into the muddle. However I see now that the sole reason really stemmed from something about sol11 that really is different. sol11 will not let you chose your own passwd for root if it doesn't have either a number or special char in it. The login I normally use for root has upper and lower case letters and a nice random selection of them... but sol11 will not allow me to use that passwd. So I added an underscore and moved on. However, I have become so accustomed to logging in as root with my regular passwd, that the next day, when I got around to working on the root account edits, and it came time to enter a passwd with ssh to root, I entered my regular passwd .. when it was denied forgot that I had been forced to use an underscore and I took the reason for failure to be that I was not allowed to ssh to root even though I had edited sshd_config. So there is something that sol11 puts in the way... but it is neither of root user/role nor edit of sshd_config... so I'm really sorry for the line noise. ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] Solaris 11 is out - so?
On Nov 11, 2011, at 11:55 AM, James Carlson wrote: > Edward Martinez wrote: >> On 11/11/11 06:48, James Carlson wrote: >>> But sources were indeed promised at some unspecified date after the >>> binary release. Hope they carry through. >>> >>> http://mail.opensolaris.org/pipermail/opensolaris-discuss/2010-August/059310.html >>> >>> >> Some solaris 11 code were published and it appears some of the >> files are CDDL licensed . I guess this is the only CDDL source will >> get. well, maybe for now. >> >> http://oss.oracle.com/systems-opensourcecode/#oracle-solaris > > I looked those files over carefully, and that appears to be just the > "must be distributed" third-party stuff, such as GPL'd components, and > few user-level example bits. That's not at all what was referenced in > the link I provided above. Yes, I saw that too (although I didn't look as closely, just looked for kernel code). I saw a page for what I can play with soonest, how to quickly install as a VirtualBox guest. But the page it linked to http://www.oracle.com/technetwork/server-storage/solaris11/downloads/index.html did not appear to include a pre-installed VM among the downloads, although it was implied to be there. While I assume that means a regular install might work, it would be much quicker to check things out if the pre-installed VM (with suitable settings, so one needn't guess) was available. Once again, this suggests to me a disinterest in anything other than official channels, Fortune 100 clients, etc. Never mind that people working at large clients might want to familiarize themselves on their own time… ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] Solaris 11 is out - so?
On 11/11/11 05:15, Harry Putnam wrote: Alan Coopersmith writes: On 11/10/11 23:00, Gabriele Bulfon wrote: Oracle announced availabilty of Solaris 11. Do you notice any real news in the O.S. that OI/IllumOS has not? http://blogs.oracle.com/darren/entry/completely_disabling_root_logins_on It appears to no longer even be possible to circumvent the suggested usage of root account and allow root logins. Anyone know for sure if it is still possible to enforce an old fashioned root account with regular login access? If so how might it be done? On oi its no harder than `rolemod -K type=normal root' and then allow root login in /etc/ssh/sshd_config. That does not work on sol11. Even editing /etc/ssh/sshd_config, there appears to be some extra editing needed on involving pam. That's two different things there - one is allowing root to login as an account directly, the other is allowing login via ssh, which wasn't allowed by default in Solaris 9 or 10 with a normal root account either. In any case, I believe both of those should be possible, but troubleshooting what went wrong would be easier with details about which step failed. Can you login as root on console?Does ssh give some error message when you connect?Did you reset root's expired-by-default password first? -- -Alan Coopersmith-alan.coopersm...@oracle.com Oracle Solaris Platform Engineering: X Window System ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] Solaris 11 is out - so?
Hillel Lubman wrote: > It's a make it or break it moment. If Oracle holds to their promise to > release the source especially for ZFS - good. If they will make ZFS closed > from now on - do you think illumos can manage to pull it through on its own? Yes, but there are some interesting technical challenges. One is that the zpool and zfs version numbering space is flat, so unless the new on-disk (and in-stream) formats can be reverse-engineered, the compatibility story will be unusual, to say the least. -- James Carlson 42.703N 71.076W ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] Solaris 11 is out - so?
On 11/11/11 06:30, Gary Mills wrote: Is there a legal requirement to release source built in to CDDL? Yes, if your only right to the sources are the CDDL, and not the fact that you own the copyrights, were assigned copyrights, or have a license allowing you to ship them under another license. There are some CDDL sources in the 3rd party source release that was posted, like Joerg Schilling's cdrtools. -- -Alan Coopersmith-alan.coopersm...@oracle.com Oracle Solaris Platform Engineering: X Window System ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] Solaris 11 is out - so?
Edward Martinez wrote: > On 11/11/11 06:48, James Carlson wrote: >> But sources were indeed promised at some unspecified date after the >> binary release. Hope they carry through. >> >> http://mail.opensolaris.org/pipermail/opensolaris-discuss/2010-August/059310.html >> >> > Some solaris 11 code were published and it appears some of the > files are CDDL licensed . I guess this is the only CDDL source will > get. well, maybe for now. > >http://oss.oracle.com/systems-opensourcecode/#oracle-solaris I looked those files over carefully, and that appears to be just the "must be distributed" third-party stuff, such as GPL'd components, and few user-level example bits. That's not at all what was referenced in the link I provided above. -- James Carlson 42.703N 71.076W ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] Solaris 11 is out - so?
It's a make it or break it moment. If Oracle holds to their promise to release the source especially for ZFS - good. If they will make ZFS closed from now on - do you think illumos can manage to pull it through on its own? Regards, Hillel. On Fri, Nov 11, 2011 at 9:48 AM, James Carlson wrote: > They're the legal owners of the code, so it frankly does not matter what > the CDDL says. The property owner can set or change any terms at any > time, and is not bound by previous terms. > > But sources were indeed promised at some unspecified date after the > binary release. Hope they carry through. > > > http://mail.opensolaris.org/pipermail/opensolaris-discuss/2010-August/059310.html > > -- > James Carlson 42.703N 71.076W > > ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] Solaris 11 is out - so?
On 11/11/11 06:48, James Carlson wrote: Gary Mills wrote: On Fri, Nov 11, 2011 at 08:47:56AM -0500, Edward Ned Harvey wrote: From: Gabriele Bulfon [mailto:gbul...@sonicle.com] Oracle announced availabilty of Solaris 11. Do you notice any real news in the O.S. that OI/IllumOS has not? What is the status of the promised sources? Sources were never promised. We all want them, but I never believed they were going to release them. Is there a legal requirement to release source built in to CDDL? If not, we are unlikely to see it. They're the legal owners of the code, so it frankly does not matter what the CDDL says. The property owner can set or change any terms at any time, and is not bound by previous terms. But sources were indeed promised at some unspecified date after the binary release. Hope they carry through. http://mail.opensolaris.org/pipermail/opensolaris-discuss/2010-August/059310.html Some solaris 11 code were published and it appears some of the files are CDDL licensed . I guess this is the only CDDL source will get. well, maybe for now. http://oss.oracle.com/systems-opensourcecode/#oracle-solaris ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] Solaris 11 is out - so?
Gary Mills wrote: > On Fri, Nov 11, 2011 at 08:47:56AM -0500, Edward Ned Harvey wrote: >>> From: Gabriele Bulfon [mailto:gbul...@sonicle.com] >>> >>> Oracle announced availabilty of Solaris 11. >>> Do you notice any real news in the O.S. that OI/IllumOS has not? >>> What is the status of the promised sources? >> Sources were never promised. We all want them, but I never believed they >> were going to release them. > > Is there a legal requirement to release source built in to CDDL? > If not, we are unlikely to see it. They're the legal owners of the code, so it frankly does not matter what the CDDL says. The property owner can set or change any terms at any time, and is not bound by previous terms. But sources were indeed promised at some unspecified date after the binary release. Hope they carry through. http://mail.opensolaris.org/pipermail/opensolaris-discuss/2010-August/059310.html -- James Carlson 42.703N 71.076W ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] Solaris 11 is out - so?
they own the code and therefore can do whatever they want with it On Fri, Nov 11, 2011 at 11:30 AM, Gary Mills wrote: > On Fri, Nov 11, 2011 at 08:47:56AM -0500, Edward Ned Harvey wrote: >> > From: Gabriele Bulfon [mailto:gbul...@sonicle.com] >> > >> > Oracle announced availabilty of Solaris 11. >> > Do you notice any real news in the O.S. that OI/IllumOS has not? >> >> > What is the status of the promised sources? >> >> Sources were never promised. We all want them, but I never believed they >> were going to release them. > > Is there a legal requirement to release source built in to CDDL? > If not, we are unlikely to see it. > > -- > -Gary Mills- -refurb- -Winnipeg, Manitoba, Canada- > > ___ > OpenIndiana-discuss mailing list > OpenIndiana-discuss@openindiana.org > http://openindiana.org/mailman/listinfo/openindiana-discuss > ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] Solaris 11 is out - so?
On Fri, Nov 11, 2011 at 08:47:56AM -0500, Edward Ned Harvey wrote: > > From: Gabriele Bulfon [mailto:gbul...@sonicle.com] > > > > Oracle announced availabilty of Solaris 11. > > Do you notice any real news in the O.S. that OI/IllumOS has not? > > > What is the status of the promised sources? > > Sources were never promised. We all want them, but I never believed they > were going to release them. Is there a legal requirement to release source built in to CDDL? If not, we are unlikely to see it. -- -Gary Mills--refurb--Winnipeg, Manitoba, Canada- ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] Solaris 11 is out - so?
> From: Gabriele Bulfon [mailto:gbul...@sonicle.com] > > Oracle announced availabilty of Solaris 11. > Do you notice any real news in the O.S. that OI/IllumOS has not? How about a zpool version higher than 28? AKA, all the stuff that's now in closed source development. Not in OI/Illumos. > What is the status of the promised sources? Sources were never promised. We all want them, but I never believed they were going to release them. Did you ever listen to Larry talk about open source? There's this one in particular, where he says something like "We used to spend tons of money developing our own http server, and then apache came along, so we were able to fire all those people and use apache for free, and sell it even though the customers could get it for free." He was so proud. And I'm sure he's not willing to be on the other side of the equation - allowing companies like apple, nexenta, etc, to make money off the open source he pays to develop. Don't count on seeing any open source, IMHO. ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] Solaris 11 is out - so?
Alan Coopersmith writes: > On 11/10/11 23:00, Gabriele Bulfon wrote: >> Oracle announced availabilty of Solaris 11. >> Do you notice any real news in the O.S. that OI/IllumOS has not? > > http://blogs.oracle.com/darren/entry/completely_disabling_root_logins_on It appears to no longer even be possible to circumvent the suggested usage of root account and allow root logins. Anyone know for sure if it is still possible to enforce an old fashioned root account with regular login access? If so how might it be done? On oi its no harder than `rolemod -K type=normal root' and then allow root login in /etc/ssh/sshd_config. That does not work on sol11. Even editing /etc/ssh/sshd_config, there appears to be some extra editing needed on involving pam. ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
Re: [OpenIndiana-discuss] Solaris 11 is out - so?
On 11/10/11 23:00, Gabriele Bulfon wrote: Oracle announced availabilty of Solaris 11. Do you notice any real news in the O.S. that OI/IllumOS has not? http://blogs.oracle.com/darren/entry/completely_disabling_root_logins_on http://blogs.oracle.com/darren/entry/password_caching_for_solaris_su http://blogs.oracle.com/darren/entry/user_user_home_directory_encryption http://blogs.oracle.com/darren/entry/immutable_zones_on_encrypted_zfs http://blogs.oracle.com/darren/entry/my_11_favourite_solaris_11 http://hub.opensolaris.org/bin/view/Community+Group+fm/Solaris11FCS http://blogs.oracle.com/SolarisSMF/entry/introducig_smf_layers http://blogs.oracle.com/zoneszone/entry/these_are_11_of_my http://blogs.oracle.com/DanX/entry/solaris_x86_aesni_openssl_engine -- -Alan Coopersmith-alan.coopersm...@oracle.com Oracle Solaris Platform Engineering: X Window System ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss
[OpenIndiana-discuss] Solaris 11 is out - so?
Oracle announced availabilty of Solaris 11. Do you notice any real news in the O.S. that OI/IllumOS has not? What is the status of the promised sources? Inviato da iPad ___ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss