Oh, well. We should be off to fixing that bug, then.
2014/1/7 Steve Langasek <steve.langa...@canonical.com> > On Sun, Jan 05, 2014 at 10:50:35PM -0200, pabloalmeida...@gmail.com wrote: > > We really don't have a way to have the packages installed but the service > > stopped/unavailable until the user needs it? > > It could be done, but that's not the way Debian packages are put together > by > default. It would be a rather large amount of work, and I doubt that > filesharing on the local network is seen as an important enough use case > today to justify that effort. > > -- > Steve Langasek Give me a lever long enough and a Free OS > Debian Developer to set it on, and I can move the world. > Ubuntu Developer http://www.debian.org/ > slanga...@ubuntu.com vor...@debian.org > > > > 2014/1/5 Steve Langasek <steve.langa...@ubuntu.com> > > > > On Sun, Jan 05, 2014 at 12:47:47PM -0500, Stéphane Graber wrote: > > > > Ubuntu has a no open port by default policy at least for the Desktop > > > > installation. If you look at a default Ubuntu Desktop system the only > > > > exceptions you should see to that rule are the DHCP client (which > needs > > > > to listen on udp/68) and avahi-daemon (which needs to listen on > > > > udp/5353). > > > > > > > So having samba installed and running by default isn't an option and > > > > would be a potential security risk for millions of systems which do > not > > > > need the service at all anyway. > > > > > > > I think having nautilus prompt the user for those packages to be > > > > installed is perfectly reasonable, having to restart the session > however > > > > seems a bit odd to me and shouldn't be a requirement. > > > > > > The requirement follows from the fact that CIFS shares require a > different > > > password hash to be available on the server system for authentication > than > > > the one used by default in /etc/shadow, and while the permissions on > the > > > file managed by libpam-smbpasswd are secure, the NTLM hashes are > strictly > > > weaker than the hashes used for /etc/shadow, which exposes users to > greater > > > risk of password cracking if the database is stolen. So since these > hashes > > > are not generated until the user opts in to CIFS sharing through > nautilus > > > (changing their PAM config), the session logout/login is unavoidable. > > > > > > -- > > > Steve Langasek Give me a lever long enough and a > Free OS > > > Debian Developer to set it on, and I can move the > world. > > > Ubuntu Developer > http://www.debian.org/ > > > slanga...@ubuntu.com > vor...@debian.org > > > > > > > > > > > -- > > Pablo Almeida > > http://www.google.com/profiles/pabloalmeidaff9 > -- Pablo Almeida http://www.google.com/profiles/pabloalmeidaff9
-- ubuntu-desktop mailing list ubuntu-desktop@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-desktop