[ARVADOS] updated: 2.1.0-449-gb5884b515

Git user git at public.arvados.org
Mon Feb 15 20:58:07 UTC 2021 

Summary of changes:
 doc/install/setup-login.html.textile.liquid | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

  discards  51fd12cc175a8128802756c954e4f07a8e315f19 (commit)
       via  b5884b515a7fe6255761020cdd39d450db6d603b (commit)

This update added new revisions after undoing existing revisions.  That is
to say, the old revision is not a strict subset of the new revision.  This
situation occurs when you --force push a change and generate a repository
containing something like this:

 * -- * -- B -- O -- O -- O (51fd12cc175a8128802756c954e4f07a8e315f19)
            \
             N -- N -- N (b5884b515a7fe6255761020cdd39d450db6d603b)

When this happens we assume that you've already had alert emails for all
of the O revisions, and so we here report only the revisions in the N
branch from the common base, B.

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit b5884b515a7fe6255761020cdd39d450db6d603b
Author: Nico Cesar <nico at nicocesar.com>
Date:   Mon Feb 15 15:44:50 2021 -0500

    Added note about /bin/false as UNIX login
    
    Arvados-DCO-1.1-Signed-off-by: Nico Cesar <nico at curii.com>

diff --git a/doc/install/setup-login.html.textile.liquid b/doc/install/setup-login.html.textile.liquid
index aec82cfe2..d11fec9e1 100644
--- a/doc/install/setup-login.html.textile.liquid
+++ b/doc/install/setup-login.html.textile.liquid
@@ -98,7 +98,7 @@ Enable PAM authentication in @config.yml@:
 
 Check the "default config file":{{site.baseurl}}/admin/config.html for more PAM configuration options.
 
-The default PAM configuration on most Linux systems uses the local password database in @/etc/shadow@ for all logins. In this case, in order to log in to Arvados, users must have a shell account and password on the controller host itself. This can be convenient for a single-user or test cluster.
+The default PAM configuration on most Linux systems uses the local password database in @/etc/shadow@ for all logins. In this case, in order to log in to Arvados, users must have a UNIX account and password on the controller host itself. This can be convenient for a single-user or test cluster. User accounts can have @/dev/false@ as the shell in order to allow the user to log into Arvados but not log into a shell on the controller host.
 
 PAM can also be configured to use different backends like LDAP. In a production environment, PAM configuration should use the service name ("arvados" by default) to set a separate policy for Arvados logins: generally, Arvados users should not have shell accounts on the controller node.
 

-----------------------------------------------------------------------


hooks/post-receive
--

More information about the arvados-commits mailing list