-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Julien Cristau wrote: > Package: dtc-xen > Version: 0.2.6-5 > Severity: serious > > Hi, > > dtc-xen's postinst creates (19!!) users with home directories under > /home, and will break if /home is on nfs (which is a pretty common > setup). If the users already exist (not necessarily created by this > package), it will override their settings. > > Cheers, > Julien
Hi! Thanks for reporting this one. Even if what you say is right, when using this package, in no way you want to use things like NFS, setup some users to have account on the server or other things like that. This is supposed to be the dom0 where the minimum number of things are setup, especially dangerous things like NFS !!! I think using /home on a NFS server in the dom0 of a Xen server is a pretty UNCOMMON and DANGEROUS setup... :) Did you understand that if the shell of the user is NOT /bin/dtc-xen_userconsole (the virtual machine console), then this is a very important security concern as the user will have a user account on the server rather than an access to the physical console of it's virtual machine? What do you suggest? Do you still think this should be filed as a bug, and if so, what correction do you think I should do (keep in mind that these users are needed)? Finally, can't we expect the user to know what he is doing, and expect that nothing else that dtc-xen and it's dependencies will be installed on the dom0 if it's a production server? I'm waiting for your reply before trying to fix this one. Thomas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFF9PLAl4M9yZjvmkkRAvdtAJ9W7GDF8d7i8x2c6nxvDmhffZmpcgCcD4oB +LjpkXZUuQZ6AAXyKZ6tNOo= =ep4u -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
