Displaying 20 results from an estimated 2000 matches similar to: "[PATCH] Drop fine-grained privileges on Illumos/Solaris"
2015 Nov 13
2
[PATCH] Drop fine-grained privileges on Illumos/Solaris
On 11/12/15 6:24 PM, Darren Tucker wrote:
>
> As long as someone is willing to do the work and help with tests
> (which it sounds like you are), the support doesn't compromise other
> platforms or make maintenance significantly harder then I have no
> objections to it going in.
Sounds good to me. We're already running with this patch in
(pre-)production, and I'm
2015 Nov 29
22
[Bug 2511] New: Drop fine-grained privileges on Illumos/Solaris
https://bugzilla.mindrot.org/show_bug.cgi?id=2511
Bug ID: 2511
Summary: Drop fine-grained privileges on Illumos/Solaris
Product: Portable OpenSSH
Version: 7.1p1
Hardware: Other
OS: Solaris
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs
2008 Aug 04
6
[Fwd: [networking-discuss] code-review: fine-grained privileges for datalink administration]
Crossbow team,
The following is of interest to the Crossbow project. Since a large
chunk of these changes also exist in the Crossbow gate, the delivery of
this wad will result in fewer lines of changes for Crossbow''s delivery.
If someone on Crossbow could participate in this review, that would be a
bonus (Eric Cheng made original changes in the Crossbow gate at some
point last year).
2013 Mar 06
2
no network interfaces found on OpenIndiana (Illumos)
Hi,
I've downloaded the samba 3.6.12 OpenCSW package.
I joined openindiana to the the active directory, winbind seems to
work fine, I see all the users with "wbinfo -u".
However, my samba server is not starting. It seems that there is no
network card found.
2013/03/06 10:40:39.068405, 0] lib/interface.c:543(load_interfaces)
WARNING: no network interfaces found
[2013/03/06
2012 Dec 21
4
zfs receive options (was S11 vs illumos zfs compatiblity)
> From: zfs-discuss-bounces at opensolaris.org [mailto:zfs-discuss-
> bounces at opensolaris.org] On Behalf Of bob netherton
>
> You can, with recv, override any property in the sending stream that can
> be
> set from the command line (ie, a writable).
>
> # zfs send repo/support at cpu-0412 | zfs recv -o version=4 repo/test
> cannot receive: cannot override received
2013 Apr 24
4
WARNING to those running Samba on OpenIndiana or other Illumos based systems with > 16 groups
Just a heads-up, because this bug took me absolutely ages to chase down,
and I want to save others the same pain.
Samba is perhaps the most prominent reason why you might find a user in
more than 16 groups on a Unix system, and so this bug may at first
appear to be a 'Samba issue' (that certainly is why it found it's way to
my attention :-)
https://www.illumos.org/issues/3691
In
2013 Mar 07
0
winbind authentication FAILED with error NT_STATUS_NO_SUCH_USER [samba 3.6.12/AD/openindiana(illumos)]
Hi,
My OpenIndiana (opensolaris) machine is joined to Active Directory.
I'm using samba 3.6.12 from OpenCSW.
wbinfo -u is working fine, getent was not working in the beginning,
but after some fiddling with libraries it was working ( I had to
create the following two symbolic links, not sure if they both are
correct)
/lib/libnss_winbind.so -> /opt/csw/lib/libnss_winbind.so.1
2016 Jul 22
2
SSH crash on OpenBSD (pledge related?)
Hello,
I just ran upon this problem and couldn't find it in bugzilla.
SSH crashes (abort trap) if all of the following conditions are met:
(a) option -f is used (crash happens when going to background),
(b) reverse port forwarding is set up (option -R),
(c) option ExitOnForwardFailure is enabled,
(d) there are no actual port-forwarding failures.
The problem can be reproduced by
2006 Feb 14
4
Fine grained access control
Hi,
I''m building an application which is going to require quite fine grained
access control. Deciding if a user is allowed to access an action will
probably require checking quite number of different rules, so a simple
role-based system won''t be flexible enough.
The approach I think I will try first is, if it''s possible, to ignore
permission issues inside the
2007 Jul 19
2
fine-grained user authentication support
Hi,
I'm wondering if it's possible to have some users restricted to only
login via POP3 or only IMAP (likewise for IMAPS/POP3S). Returning a
particular field with the userdb sql query (protocols=imaps did not
work), perhaps setting up a different passdb? Is this possible with
dovecot?
-Adam
2013 Sep 07
1
More fine-grained connection limitations?
There is the mail_max_userip_connections setting, which helps for
dealing with number of connections at any given time, but I'm looking
for something that will help deal with users who configure their mail
clients to connect too frequently.
For example, I've seen users who configured their clients to check
(IMAP) mail every 3 seconds. This is far too frequent and puts
unnecessary load on
2013 Apr 11
3
Samba4 AD DC using s3fs an OpenIndiana/Illumos/Solaris
Hello!
I've just built my first samba4 (4.0.5) on an OpenIndiana machine
without any problems.
But when it comes to the provision step the problems begin. Everything
is fine, if I
call samba-tool with the --use-ntvfs option. But I want to use samba4
with s3fs because
of the support for newer SMB protocol versions.
But when I call samba-tool without --use-ntvfs option I got the following:
2015 Jan 25
0
SmartOS: nss_wrapper: conflicting types
Hello,
I am attempting to build Samba 4.2.0 RC4 (I have not tried previous
versions yet) and after applying attached patches the build fails with
(full build and configure output attached).
[2006/3812] Compiling lib/nss_wrapper/nss_wrapper.c
../lib/nss_wrapper/nss_wrapper.c:2405:5: error: conflicting types for
'gethostby
name_r'
In file included from
2016 Jul 28
2
[RFC] One or many git repositories?
On 28 July 2016 at 09:42, David Chisnall <david.chisnall at cl.cam.ac.uk> wrote:
> I think it’s important to differentiate between ‘needs’ as in ‘requires a precisely matched version’ and ‘needs’ as in ‘requires something to provide this functionality’. Clang needs something equivalent to libc++ and something equivalent to libunwind, but it doesn’t (or, at least, shouldn’t) need a
2019 Jun 27
2
Does ssh need sendfd in pledge() call?
Hi,
I posted this question to the OpenBSD bugs list last week, however
I have had no reply and it was suggested on IRC that I post here
instead. So I must apologise if this is not appropriate.
For a reference here is my previous post:
https://marc.info/?l=openbsd-bugs&m=156080681530337&w=2
I am running OpenBSD 6.5-stable (also tested on -current). When I
ssh somewhere I get a sig abort
2013 Mar 19
3
What would be the best tutorial cum reference doc for ZFS
as used on Illumos?
I''ve seen a few tutorials written by people who obviously are very
action oriented; afterwards you find you have worn your keyboard down a
bit and not learned a lot at all, at least not in the sense of
understanding what zfs is and what it does and why things are the way
they are.
I''m looking for something that would make me afterwards understand what,
2016 Feb 18
5
Call for testing: OpenSSH 7.2
On 2/17/16 3:02 PM, Carson Gaspar wrote:
>
> Sadly I'm hitting a different autoconf bug :-(
I was being an idiot - configure was bombing out & I didn't notice (boy
that openssl version error message is loooooong...)
With Mr. Wilson's patch, I still get:
"sandbox-solaris.c", line 22: #error: "--with-solaris-privs must be used
with the Solaris sandbox"
2024 Feb 21
1
Cant access home folder after 4.13.x
Hi
I've been using Samba from pkgsrc successfully on Illumos, SmartOS
specifically until I moved to 4.17.11. When I try to access my home folder
on Linux I get,
chdir_current_service: vfs_ChDir(/home/fukr/kev) failed: Permission denied.
Current token: uid=10000, gid=10001, 3 groups: 10001 10000 10002
My home folder permissions are 700. If I change to 755 it works fine. My
the uid, gid are,
2024 Feb 21
1
Cant access home folder after 4.13.x
On Wed, 21 Feb 2024 20:09:04 +0000
evil cRaftKnife via samba <samba at lists.samba.org> wrote:
> Hi
>
> I've been using Samba from pkgsrc successfully on Illumos, SmartOS
> specifically until I moved to 4.17.11. When I try to access my home
> folder on Linux I get,
>
> chdir_current_service: vfs_ChDir(/home/fukr/kev) failed: Permission
> denied. Current token: