On Fri, Dec 17, 2021 at 11:28:35PM +0100, Marc Haber wrote: > If you run the Debian installer with default settings, you get a system > without root password. I guess the majority of desktop installations run > that way.
The majority of desktop installations never uninstall sudo, either. Anyway, performing sudo surgery without a root password set is asking for trouble. Anyone with half a brain would set one temporarily. > As far as I know, you generally cannot control the environment in all > autopkgtest instances. That's their problem, and it is also very easy to solve. A package installs to /usr/share/autopkgtest/adjusts/<package>.env a list of environment variable names (and maybe also the set of permitted values), and then the autopkgtest author expresses an explicit Depends: on the package and specifies the assignment of the environment variable in Extra-Environment:. Then autopkgtest should place that into the environment and it will work. Till they offer such a mechanism no one should spend time on working around this. Regards. P.S.: I just saw your message about the LDAP-related autopkgtests for sudo, and I'll look into that in the next days, but I wonder what a good tesing goal should be. The most critical part is switching between sudo and sudo-ldap and back. Stuff like PAM has to be tested to work out of the box, too. And hooking sudo to a pseudo-terminal (e.g. through socat or ptywrap) would be more realistic as well. I also first have to get a better understanding of how autopkgtests work, i.e. how exactly they are invoked on QA servers and if later tests can rely on side-effects by earlier tests.
