Subject: Re: Why no root login
From: Matthew Temple (Matthew_Temple@dfci.harvard.edu)
Date: Thu Nov 09 2000 - 13:24:43 EST
All,
I assume the reason you would want root login would be to create
a volume administrator. UI received the following messagein response
to
a question concerning this issue several weeks ago: (I haven't yet
checked the syntax here, and with the huge amount of discussion around
newer versions of netatalk I'm a little nervous about upgrading.)
Does anyone know the status of the "Volume Administrator" fix?
Matthew Temple
============================================================================
FYI, I'm putting the finishing touches on administrator group access in
netatalk 1.5 right now. It will allow someone in a particular group
(which
you specify in afpd.conf) to have root priviledges. But I'd say we're
still
at least a week away from having a release candidate that includes a
fully
functional version of it.
----- Original Message -----
From: "Temple, Matthew H." <Matthew_Temple@dfci.harvard.edu>
To: <netatalk-admins@umich.edu>
Sent: Thursday, September 14, 2000 7:12 PM
Subject: volume administrator
> All,
>
> We have two issues that we constantly bump into with
> Netatalk, largely around backup. Although we can backup
> and restore our Netatalk volumes with Legato Networker or
> dump, we'd like to be able to use Retrospect. But since
> Netatalk, unlike Cap, doesn't have the notion of an
> "afp adminstrator" there's no way to mount several volumes owned
> by different labs (we're a research organization). I've figured
> out how to use the "Redhat private group" scheme to create a
> volume administrator, but this scheme won't work if there are
> different administrators across the machine. And, of course,
> this won't help to back up individual users who aren't part of a
> volume.
>
> I do see how root can log in via a simple hack to afpd, but it
> doesn't appear to have rootly privileges.
>
> What do people do for backing up their shared netatalk volumes?
>
> Matthew Temple
>
=================================================================
Ryan McBeth wrote:
>
> Well, you could edit /etc , but the thought of all of those
> .AppleDouble files in /etc ...
>
> Ryan
>
> At 17:42 +0100 09/11/2000, Christian Schmidt wrote:
> >TimY schrieb am 08.11.2000:
> >
> >>I can't get root to login. Is it blocked for some reason.
> >
> >Yes, it is. And the reason is security.
> >
> >On many systems, a remote root login is generally forbidden.
> >
> >Try logging in as "normal" user.
> >
> >Vai AFP, root can't do anything worthy anyway...
> >
> >Yours,
> >Christian
> >--
> >Made with a Macintosh...
> >ChriSchmi@t-online.de
> >http://home.t-online.de/home/chrischmi/
>
> __________________________________
> Ryan McBeth
> Systems Administrator, Mobius New Media
> Voice: (302) 475-9880 x11
> FAX: (302) 475-9894
> www.mobiusnm.com
> __________________________________
> If you want to achieve excellence, you can get there today. As of
> this second, quit doing less-than-excellent work.
> -Thomas Watson, founder of IBM
-- ============================================================= Matthew Temple Tel: 617/632-2597 Director, Research Computing Fax: 617/632-4012 Dana-Farber Cancer Institute Matthew_Temple@dfci.harvard.edu 44 Binney Street, Smith 345 http://research.dfci.harvard.edu Boston, MA 02115 IMAP LIVES! =============================================================
This archive was generated by hypermail 2b28 : Wed Jan 17 2001 - 14:32:36 EST