[oi-dev] Install defaults re. SMB and pam.conf
Andreas Wacknitz
A.Wacknitz at gmx.de
Sun Mar 26 11:23:56 UTC 2017
Am 25.03.17 um 22:30 schrieb James Blachly:
> (I did not get any response on the -discuss list, so please forgive the re-posting)
>
> Speaking as a new OI user here,
>
> I am using the kernel CIFS/SMB service for the first time (on other systems including smartos I am using samba), which is quite convenient. However, it did not work out of the box.
>
> Is there any reason something along the lines of the following should not be in /etc/pam.conf in the installer/freshly installed image?
>
> # Kernel SMB/CIFS service for insertion into /var/smb/smbpasswd
> other password required pam_smb_passwd.so.1 nowarn
>
> This seems like a reasonable change that would lower the barrier to entry / lower the frustration level for new users at a critical point in their go/no go decision.
I am not sure about the reasons it is missing in our standard
installation. Probably because not everybody is using smb/cifs and it
might be
a security problem. I think the general idea behind it was (during
Solaris times) that it is safer to have as few as possible things "on"
by default
and an admin should know what to activate.
So an alternative to enable this in /etc/pam.conf would be an enhanced
desription of admin steps after installation (on the wiki probably).
Regards
Andreas
More information about the oi-dev
mailing list