similar to: [PATCH] Drop fine-grained privileges on Illumos/Solaris

On 11/12/15 6:24 PM, Darren Tucker wrote: > > As long as someone is willing to do the work and help with tests > (which it sounds like you are), the support doesn't compromise other > platforms or make maintenance significantly harder then I have no > objections to it going in. Sounds good to me. We're already running with this patch in (pre-)production, and I'm

https://bugzilla.mindrot.org/show_bug.cgi?id=2511 Bug ID: 2511 Summary: Drop fine-grained privileges on Illumos/Solaris Product: Portable OpenSSH Version: 7.1p1 Hardware: Other OS: Solaris Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs

Crossbow team, The following is of interest to the Crossbow project. Since a large chunk of these changes also exist in the Crossbow gate, the delivery of this wad will result in fewer lines of changes for Crossbow''s delivery. If someone on Crossbow could participate in this review, that would be a bonus (Eric Cheng made original changes in the Crossbow gate at some point last year).

Hi, I've downloaded the samba 3.6.12 OpenCSW package. I joined openindiana to the the active directory, winbind seems to work fine, I see all the users with "wbinfo -u". However, my samba server is not starting. It seems that there is no network card found. 2013/03/06 10:40:39.068405, 0] lib/interface.c:543(load_interfaces) WARNING: no network interfaces found [2013/03/06

> From: zfs-discuss-bounces at opensolaris.org [mailto:zfs-discuss- > bounces at opensolaris.org] On Behalf Of bob netherton > > You can, with recv, override any property in the sending stream that can > be > set from the command line (ie, a writable). > > # zfs send repo/support at cpu-0412 | zfs recv -o version=4 repo/test > cannot receive: cannot override received

Just a heads-up, because this bug took me absolutely ages to chase down, and I want to save others the same pain. Samba is perhaps the most prominent reason why you might find a user in more than 16 groups on a Unix system, and so this bug may at first appear to be a 'Samba issue' (that certainly is why it found it's way to my attention :-) https://www.illumos.org/issues/3691 In

Hi, My OpenIndiana (opensolaris) machine is joined to Active Directory. I'm using samba 3.6.12 from OpenCSW. wbinfo -u is working fine, getent was not working in the beginning, but after some fiddling with libraries it was working ( I had to create the following two symbolic links, not sure if they both are correct) /lib/libnss_winbind.so -> /opt/csw/lib/libnss_winbind.so.1

Hello, I just ran upon this problem and couldn't find it in bugzilla. SSH crashes (abort trap) if all of the following conditions are met: (a) option -f is used (crash happens when going to background), (b) reverse port forwarding is set up (option -R), (c) option ExitOnForwardFailure is enabled, (d) there are no actual port-forwarding failures. The problem can be reproduced by

Hi, I''m building an application which is going to require quite fine grained access control. Deciding if a user is allowed to access an action will probably require checking quite number of different rules, so a simple role-based system won''t be flexible enough. The approach I think I will try first is, if it''s possible, to ignore permission issues inside the

Hi, I'm wondering if it's possible to have some users restricted to only login via POP3 or only IMAP (likewise for IMAPS/POP3S). Returning a particular field with the userdb sql query (protocols=imaps did not work), perhaps setting up a different passdb? Is this possible with dovecot? -Adam

There is the mail_max_userip_connections setting, which helps for dealing with number of connections at any given time, but I'm looking for something that will help deal with users who configure their mail clients to connect too frequently. For example, I've seen users who configured their clients to check (IMAP) mail every 3 seconds. This is far too frequent and puts unnecessary load on

Hello! I've just built my first samba4 (4.0.5) on an OpenIndiana machine without any problems. But when it comes to the provision step the problems begin. Everything is fine, if I call samba-tool with the --use-ntvfs option. But I want to use samba4 with s3fs because of the support for newer SMB protocol versions. But when I call samba-tool without --use-ntvfs option I got the following:

Hello, I am attempting to build Samba 4.2.0 RC4 (I have not tried previous versions yet) and after applying attached patches the build fails with (full build and configure output attached). [2006/3812] Compiling lib/nss_wrapper/nss_wrapper.c ../lib/nss_wrapper/nss_wrapper.c:2405:5: error: conflicting types for 'gethostby name_r' In file included from

On 28 July 2016 at 09:42, David Chisnall <david.chisnall at cl.cam.ac.uk> wrote: > I think it’s important to differentiate between ‘needs’ as in ‘requires a precisely matched version’ and ‘needs’ as in ‘requires something to provide this functionality’. Clang needs something equivalent to libc++ and something equivalent to libunwind, but it doesn’t (or, at least, shouldn’t) need a

Hi, I posted this question to the OpenBSD bugs list last week, however I have had no reply and it was suggested on IRC that I post here instead. So I must apologise if this is not appropriate. For a reference here is my previous post: https://marc.info/?l=openbsd-bugs&m=156080681530337&w=2 I am running OpenBSD 6.5-stable (also tested on -current). When I ssh somewhere I get a sig abort

as used on Illumos? I''ve seen a few tutorials written by people who obviously are very action oriented; afterwards you find you have worn your keyboard down a bit and not learned a lot at all, at least not in the sense of understanding what zfs is and what it does and why things are the way they are. I''m looking for something that would make me afterwards understand what,

On 2/17/16 3:02 PM, Carson Gaspar wrote: > > Sadly I'm hitting a different autoconf bug :-( I was being an idiot - configure was bombing out & I didn't notice (boy that openssl version error message is loooooong...) With Mr. Wilson's patch, I still get: "sandbox-solaris.c", line 22: #error: "--with-solaris-privs must be used with the Solaris sandbox"

Hi I've been using Samba from pkgsrc successfully on Illumos, SmartOS specifically until I moved to 4.17.11. When I try to access my home folder on Linux I get, chdir_current_service: vfs_ChDir(/home/fukr/kev) failed: Permission denied. Current token: uid=10000, gid=10001, 3 groups: 10001 10000 10002 My home folder permissions are 700. If I change to 755 it works fine. My the uid, gid are,

On Wed, 21 Feb 2024 20:09:04 +0000 evil cRaftKnife via samba <samba at lists.samba.org> wrote: > Hi > > I've been using Samba from pkgsrc successfully on Illumos, SmartOS > specifically until I moved to 4.17.11. When I try to access my home > folder on Linux I get, > > chdir_current_service: vfs_ChDir(/home/fukr/kev) failed: Permission > denied. Current token:

The subject says it all.