User and then the admin could just change policy.conf rather than
have to create a new profile and update pam.conf if they wanted
no remote login for example -- this the same strategy as for
disabling use of cdrw.
Interesting, I though we wanted to move away from
Gary Winiger wrote:
The solaris.login authorizations are granted to all accounts via
Basic Solaris User, so the behaviour of the system remains the same
in default configurations.
Since we do not want customers modifying Sun delivered Rights
Profiles, IMO it would be
(While at this point there is nothing fundamentally different between
a rights profile as assigned to users and a policy profile as
specified as argument here they are conceptually different: the first
assigns all rights and auths it contains, while the latter is used to
check for
The solaris.login authorizations are granted to all accounts via
Basic Solaris User, so the behaviour of the system remains the same
in default configurations.
Since we do not want customers modifying Sun delivered Rights
Profiles, IMO it would be better to add a new
On 02/04/09 21:08, Gary Winiger wrote:
Timer is set for Friday 30th Jan 2009. Release binding is patch but
with no intention to backport to Solaris 10.
IMO, any backport would require integration with the S10 RBAC
interfaces including SMC. For this particular project, that
Timer is set for Friday 30th Jan 2009. Release binding is patch but
with no intention to backport to Solaris 10.
IMO, any backport would require integration with the S10 RBAC
interfaces including SMC. For this particular project, that
looks to me like a testing
James Carlson wrote:
Darren J Moffat writes:
%d is replaced by the DNS domain name.
Which one is the DNS domain name? I don't think there's a canonical
one on the system. You can have multiple search domains in
/etc/resolv.conf.
If you're referring to /etc/defaultdomain,
Darren J Moffat writes:
%h is replaced by the hostname, as returned by
gethostname(3C)
That's just the local host name. Is the remote host name ever
significant?
We have discussed wither or not the remote hostname (as found in
PAM_RHOST if it is
Timer is set for Friday 30th Jan 2009. Release binding is patch but
with no intention to backport to Solaris 10.
I intend to have a comment on this case, if nothing else a +1,
but an pressed for time right now, so I'd like to ask for more
time probably til 3/4 Feb if I