I have installed odoo v8 based on this script
It seems the user 'odoo' has no password (at least in my installation) and I wonder whether this:
- is how it is supposed to be ?
- a good idea in terms of safety ?
any ideas?
Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:
- ลูกค้าสัมพันธ์
- e-Commerce
- ระบบบัญชี
- สินค้าคงคลัง
- PoS
- Project
- MRP
คำถามนี้ถูกตั้งค่าสถานะ
1
ตอบกลับ
9164
มุมมอง
It's ok to have system user with no password. Some limitations are
- can be used only by root
- no ssh access
so that means: it is ok to have such a passwordless user, but it also wouldn't break anything or reduce security to assign a password, right? For example it could be a security feature that you can not access to the 'odoo' user by ssh
It wouldn't break anything, but it would make things less secure. A passwordless user is more secure than a user with a password - this user can NEVER login, just run services.
That user will never exposed to the end user, so I think it's safe enough. Root still can login as user with no password if that user is given a proper shell, like bash (ehm.. shellshock). To make the user not available for login, use /sbin/nologin as command/shell for that user in /etc/passwd.
สนุกกับการพูดคุยนี้ใช่ไหม? เข้าร่วมเลย!
สร้างบัญชีวันนี้เพื่อเพลิดเพลินไปกับฟีเจอร์พิเศษและมีส่วนร่วมกับคอมมูนิตี้ที่ยอดเยี่ยมของเรา!
ลงชื่อ| Related Posts | ตอบกลับ | มุมมอง | กิจกรรม | |
|---|---|---|---|---|
|
3
ก.ค. 25
|
1524 | ||
|
3
มิ.ย. 25
|
4630 | ||
|
5
พ.ค. 25
|
5186 | ||
|
2
พ.ค. 25
|
1929 | ||
|
1
ส.ค. 24
|
2420 |
