-
As in 0.7.4919, proftpd.conf lists following froups as being able to login: wheel, ftp.
When I'm still in doubt whether allowing all members of wheel to be able to login is a good idea (I'd prefer to make an allow-list explicitly, thru ftp group), I'm pretty sure that allowing root to login directly (thru wheel group) is bad idea.
For now I solved that with DenyUser...
2009-11-08 15:47:43 UTC in FreeNAS
-
After upgrading 0.7 RC1 to 0.7.4919 (presumably stable), I observe following:
- proftpd.conf allows groups wheel and ftp (not only ftp as listed in release notes)
- user transmission is a member of group ftp
which means that user transmission is still able to login to FTP (of course if its password is bruteforced)
Group 50 (ftp) is assigned to user transmission as result of entry in...
2009-11-08 15:38:40 UTC in FreeNAS
-
WebGUI main index page reports page as shown in attachment (note same used/free for all three pools). Console outputs are as follows:
nest:~# df -h
Filesystem Size Used Avail Capacity Mounted on
/dev/md0 88M 77M 12M 87% /
devfs 1.0K 1.0K 0B 100% /dev
procfs.
2009-08-26 18:21:19 UTC in FreeNAS
-
How to reproduce: take a 0.7RC1 FreeNAS system, add read-only SMB share named "system" mapped to "/" (root), apply all changes, access share from another PC. Result: kernel trap 12, reboot in 15 seconds.
Trap data:
kernel trap 12 with interrupts disabled
Fatal trap 12: page fault while in kernel mode
cupid = 0; apic id = 00
fault virtual address = 0x280007
fault code = supervisor write,
2009-07-11 07:33:30 UTC in FreeNAS
-
It seems to me, that the best idea is to
(a) generate random and VERY strong password for every user that is somehow generated by system (for now it is only tranmission, but who knows what will be next?)
and
(b) allow block access for chosen user in chosen service, that is mapped to system users.
For example, we have ssh, smb and ftp - all using same system user database.
I am creating user so...
2009-06-22 22:17:03 UTC in FreeNAS
-
It would be convenient to have an option to manually specify shell for user account (scponly, bash, nologin, etc). I suppose just a plain text box "custom shell path" would be enough. It will, of course, replace "Give user full shell access" checkbox.
2009-06-20 19:25:15 UTC in FreeNAS
