Less footguns (#3552)

scripts/install_ubuntu_dependencies.sh

@@ -21,6 +21,8 @@ ${SUDOCMD} apt-get update &&
         cmake \
         build-essential \
         jq \
+        lld \
+        clang \
         tpm-udev
 
 if [ -z "${PACKAGING}" ]; then
@@ -73,10 +75,6 @@ if [ -z "$(which cargo)" ]; then
     ERROR=1
 fi
 
-if [ $ERROR -eq 0 ] && [ -z "$(which cross)" ]; then
-    echo "You don't have cross installed! Installing it now..."
-    cargo install -f cross
-fi
 if [ $ERROR -eq 0 ] && [ -z "$(which cargo-deb)" ]; then
     echo "You don't have cargo-deb installed! Installing it now..."
     cargo install -f cargo-deb

unix_integration/common/src/unix_config.rs

@@ -458,6 +458,16 @@ impl UnixdConfig {
 
     fn apply_from_config_v2(self, config: ConfigV2) -> Result<Self, UnixIntegrationError> {
         let kanidm_config = if let Some(kconfig) = config.kanidm {
+            match &kconfig.pam_allowed_login_groups {
+                None => {
+                    error!("You have a 'kanidm' section in the config but an empty pam_allowed_login_groups set. USERS CANNOT AUTH.")
+                }
+                Some(groups) => {
+                    if groups.is_empty() {
+                        error!("You have a 'kanidm' section in the config but an empty pam_allowed_login_groups set. USERS CANNOT AUTH.");
+                    }
+                }
+            }
             Some(KanidmConfig {
                 conn_timeout: kconfig.conn_timeout.unwrap_or(DEFAULT_CONN_TIMEOUT),
                 request_timeout: kconfig.request_timeout.unwrap_or(DEFAULT_CONN_TIMEOUT * 2),
@@ -465,6 +475,9 @@ impl UnixdConfig {
                 map_group: kconfig.map_group,
             })
         } else {
+            error!(
+                "You are using a version 2 config without a 'kanidm' section. USERS CANNOT AUTH."
+            );
             None
         };