X-MimeOLE: Produced By Microsoft Exchange V6.5
Received: by onstor-exch02.onstor.net 
	id <01C87A30.CA9EABFA@onstor-exch02.onstor.net>; Thu, 28 Feb 2008 10:38:55 -0700
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Content-class: urn:content-classes:message
Subject: RE: Cougar migration issue
Date: Thu, 28 Feb 2008 10:38:54 -0700
Message-ID: <BB375AF679D4A34E9CA8DFA650E2B04E089F156B@onstor-exch02.onstor.net>
In-Reply-To: <BB375AF679D4A34E9CA8DFA650E2B04E05C74368@onstor-exch02.onstor.net>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Cougar migration issue
Thread-Index: Ach53ftt8qxQC/FMQDquteiXN4SGZAAQcWPZAAMAqXAAAM0kUAAAbubg
References: <BB375AF679D4A34E9CA8DFA650E2B04E089F1523@onstor-exch02.onstor.net> <BB375AF679D4A34E9CA8DFA650E2B04E05C74368@onstor-exch02.onstor.net>
From: "Narain Ramadass" <narain.ramadass@onstor.com>
To: "Sandrine Boulanger" <sandrine.boulanger@onstor.com>,
	"Eric Barrett" <eric.barrett@onstor.com>,
	"Tim Gardner" <tim.gardner@onstor.com>,
	"dl-Cougar" <dl-Cougar@onstor.com>
Cc: "Sripal Surendiran (HCL)" <sripal.surendiran@onstor.com>,
	"Sudharsan Srinivasan" <sudharsan@onstor.com>

IIRC - those goto the clusterDB?=20

-----Original Message-----
From: Sandrine Boulanger=20
Sent: Thursday, February 28, 2008 9:26 AM
To: Eric Barrett; Narain Ramadass; Tim Gardner; dl-Cougar
Cc: Sripal Surendiran (HCL); Sudharsan Srinivasan
Subject: RE: Cougar migration issue

Where do we store the passwords for the local useraccounts, like ndmp?

-----Original Message-----
From: Eric Barrett
Sent: Thursday, February 28, 2008 9:05 AM
To: Narain Ramadass; Tim Gardner; dl-Cougar
Cc: Sripal Surendiran (HCL); Sudharsan Srinivasan
Subject: RE: Cougar migration issue

We can't expire them because it still requires knowing how to crypt()
the password, which apparently the Linux libraries can't do with the BSD
format.  Otherwise you're opening up the accounts for J. Random Hacker
to log in and change them himself.  (Unlikely, yes, but still a
consideration, especially since we have customers who run their boxes on
the public Internet.)


-----Original Message-----
From: Narain Ramadass
Sent: Thursday, February 28, 2008 7:37 AM
To: Tim Gardner; dl-Cougar
Cc: Sripal Surendiran (HCL); Sudharsan Srinivasan
Subject: RE: Cougar migration issue

Tim,

Another alternative we had discussed last time was to reset the
passwords for the root and admin accounts to their ONStor defaults and
add an expiry date for the password such that the next login by the
respective users would force them to change the password.

I do not believe that we store anything except admin and root in the
passwd file - but then ONStor created ID's show up to BSD as "admin".
Therefore if I logged in as "ndmp", "who" run from BSD would show an
instance of "admin" having logged in. This may need a bit of testing and
validation IMHO.

My 2c.

Narain.


-----Original Message-----
From: Tim Gardner
Sent: Wed 2/27/2008 11:53 PM
To: dl-Cougar
Cc: Sripal Surendiran (HCL); Sudharsan Srinivasan
Subject: Cougar migration issue
=20
Folks,
=20
There is a migration issue regarding the password file.
The format (blowfish) used on BSD is not supported on our Linux
distribution.
How important is this?
Do we store any passwords in this file other than the passwords for the
admin and root users?
If not, would it be sufficient to just prompt the user for these
passwords during migration?
=20
Tim
=20

