Folks,
In the process of setting up a custom ldap shell group for the qgis team so
they can administer their Project VM, I discovered that the restriction of
logins to the SAC Shell group was not actually working on any of the VMs.
That means, anyone with shell attributes in the OSGeo LDAP could login to
any of the VMs.
After some trial and error, I have come to the conclusion the
/etc/nsswitch.conf file needs to be edited, and the line:
shadow: files ldap
needs to be changed to:
shadow: files
as documented in:
http://trac.osgeo.org/osgeo/ticket/578
I have changed all the VMs I'm aware of (those listed in the SAC Services
wiki page), but the template VM used to create new VMs also needs to be
changed. Ramereth suggested we file a ticket with OSL to start that VM
but I'm not sure how to go about that process. Can someone point me to
details and I'll document it?
Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | Geospatial Programmer for Rent