<div> Mark,</div>
<div> </div>
<div> I am also an administrator and I understand all you're saying.</div>
<div> My only concern was I don't ever recall manually creating a filepro user, I assumed it was created by default when installed.</div>
<div> Therefore, I wouldn't expect the user 'filepro' to have an expired password.</div>
<div> That was my only concern on this.</div>
<div> </div>
<div> Thanks</div>
<div> </div>
<div> Scott</div>
<div><br><br> </div>
<div class="gmail_quote">On Mon, Oct 11, 2010 at 10:26 PM, Fairlight <span dir="ltr"><<a href="mailto:fairlite@fairlite.com">fairlite@fairlite.com</a>></span> wrote:<br>
<blockquote style="BORDER-LEFT: #ccc 1px solid; MARGIN: 0px 0px 0px 0.8ex; PADDING-LEFT: 1ex" class="gmail_quote">The honourable and venerable <a href="mailto:scooter6@gmail.com">scooter6@gmail.com</a> spoke thus:<br>
<div class="im">> So does it matter what I set filepro's password to? I never<br>> knew it got installed with a password, much less a password that<br>> expires?? Strange......<br><br></div>If the installation is what creates the filepro user, my recollection is<br>
that it does not even -set- a password, you have to do that manually. I<br>may be misremembering. Usually I'm doing a migration, so I set up the<br>account manually, before actual fP installation.<br><br>If you're planning on physically logging in manually as filepro, then you<br>
should pick a strong password that you can remember. If you're only going<br>to be using su or ssh with authorized_keys, then you would be safe to just<br>put x or * in the encryption field in /etc/shadow. If you're not even<br>
going to have filepro as a user -do- anything, one can lock it down with a<br>shell of /bin/nologin or /bin/false.<br>
<div class="im"><br>> That leads me to the other part of my problems/issues/questions. I'm<br>> assuming them I can use the filepro user to ftp to our client's site<br>> and 'get' files, thus these files would have filepro ownership already,<br>
> right?<br><br></div>Given the correct credentials and automation, yes, the filepro user can ftp<br>out and get files. Resultant files would be owned by filepro.<br>
<div class="im"><br>> I guess I can also do some 'system' calls to chmod etc right from<br>> processing.<br><br></div>I know you can, I don't have to guess. Now chown is another story<br>entirely...<br>
<div class="im"><br>> But I would like to know if:<br>> a) this is standard behaviour for filepro (an expiring password)<br><br></div>Password expiry has nothing whatsoever to do with filepro, and everything<br>to do with the security configuration of the authentication subsystem of<br>
the underlying operating system. I'm not sure what SCO is using as of<br>5.0.7. In linux, this would be a function of how the PAM module is<br>configured, for most (if not all) modern distributions.<br>
<div class="im"><br>> b) does it matter what I set filepro's password to?<br><br></div>See above.<br>
<div class="im"><br>> c) will it break anything when I change it?<br><br></div>The only thing changing the filepro user's password will "break" is the<br>ability for someone that's been using the current password (if one even<br>
exists) to log in using that same password after you've changed it. The<br>filePro software in no way relies on logging in as filepro, or upon the<br>actual password. There's a filepro user so that the binaries have a user<br>
other than root to be set SUID to and the data can be owned by that user,<br>and that's it. I have multiple systems set up where you can't even log in<br>as filepro, both because it has the password field set to an invalid<br>
encryption (x or *), -and- because it doesn't have a valid login shell<br>that's listed in /etc/shells.<br><br>Happy to help to a degree on-list, but this stuff is pretty much "Unix 001"<br>territory. If you have an administrator for the system, you might confer<br>
with them; any competent administrator could answer these questions. If<br>you don't, you might want to hire or contract one.<br><br>mark-><br>
<div>
<div></div>
<div class="h5">_______________________________________________<br>Filepro-list mailing list<br><a href="mailto:Filepro-list@lists.celestial.com">Filepro-list@lists.celestial.com</a><br>Subscribe/Unsubscribe/Subscription Changes<br>
<a href="http://mailman.celestial.com/mailman/listinfo/filepro-list" target="_blank">http://mailman.celestial.com/mailman/listinfo/filepro-list</a><br></div></div></blockquote></div><br>