[indiana-discuss] REVIEW System Admin. Guide for the Back to School Kit
Cindy.Swearingen at Sun.COM
Cindy.Swearingen at Sun.COM
Tue Aug 5 15:36:25 PDT 2008
Hi Dave,
I see your point about the second user account so we'll drop it.
This issue also highlights a transition between managing user accounts
with home directories as a UFS directory and home directories as ZFS
file systems.
I need to file a bug against the user account manager because it creates
a user account with a home dir as a directory not a ZFS file system. If
I create a ZFS file system and feed it to user account manager, it
doesn't setup the user home dir ownership correctly.
In the meantime, I'll figure something else out.
Thanks for feedback--
Cindy
Dave Miner wrote:
> Cindy.Swearingen at Sun.COM wrote:
>
>> Hi William,
>>
>> Thanks for the comments...
>>
>> For the ZFS comments:
>>
>> 1.
>> Good comment about pointing to Tim's blog instead of the script directly.
>>
>> 2. The user account that is created during the OpenSolaris
>> installation has root privileges. For example:
>> admin at opensolaris:~/Desktop$ roles
>> root
>>
>> So, for a student installing the Back to School Kit its probably
>> best to create a personal user account for papers, etc.
>>
>
> I haven't reviewed the document, but this exchange caught my eye.
> The account can assume the role, but only does so when specifically
> requested by entering a profiled shell or using pfexec. There's no
> extra privilege when you're running in, say, bash or ksh.
>
> Please do not recommend a second user account, it makes OpenSolaris
> appear needlessly complex. At some point we may alter the RBAC
> privileges created by default to be somewhat less expansive than they
> are right now, but presently the behavior that results is what is
> expected for a single-user system, which is that the user can administer
> his own system.
>
> Dave
More information about the indiana-discuss
mailing list