Hi!
Marc has, in another mail thread, asked what plans there are for
shadow right now. I've tried to summarize what is going on below.
Feedback very much welcome.
I don't really know what is happening upstream, but ISTM Serge,
Alejandro, Iker are actively working on cleaning up the code base.
I understand shadow will keep a lot of things that Debian doesn't
care about, f.e. support of non-PAM systems.
Anyone looking at the code will agree that it needs the clean up :-)
At the same time there is upstream interest in dropping utilities
overlapping with util-linux, see:
https://github.com/shadow-maint/shadow/issues/999
For Debian
==========
Maintainership
--------------
As you've probably noticed, Balint has stepped down, and I've
stepped in. In case you didn't know, I'm also wearing the Debian
Maintainer: hat for util-linux.
I hope Serge can focus on upstream in the meantime.
Historic patches
----------------
Our packaging carried a lot old stuff of dubious value. Balint and
others have in the past cleaned this up, and I've dropped some more
things. Generally speaking I want to get rid of all our
code-changing patches.
Specifically, I want to drop:
* cppw
* Relaxed user/group name checks. This one in particular exposed us
to #1076619. To make this feasible, adduser will also need
changes (#1077804, #1074306, FD).
For the other patches we shall see if we can turn them into
configure options or similar.
lastlog/faillog/utmp
--------------------
wtmpdb and pam_lastlog2 have been packaged and
the lastlog/faillog/utmp support in login were turned off already.
Feel free to test this in sid.
There is probably some fallout like #1075733 where some software is
not fully prepared for a world without /var/log/utmp.
#1074320 asked about a NEWS item to have admins remove
/var/log/faillog, which we could do. Text suggestions welcome.
login
-----
login became non-Essential. This immediately regressed mmdebstrap,
which assumes it can call useradd/user* from a host environment
acting on a chroot. Without login installed, login.defs became
unavailable, causing some breakage.
Since shadow 4.16.0-1 /etc/login.defs is split out into the
login.defs package.
#833256 (from a long time ago) asks util-linux to take over login. I
think we are ready to do this. I'll try to stage it in experimental
later today.
If we want to use chsh, etc from util-linux, I'd take advice on
which package should carry these.
tests
-----
Serge worked on getting the testsuite to run in autopkgtest. We
still have a tiny patch to fix some parts up, but that can go away
after a new upstream release.
NIS
---
I have seen various other packages in Debian disabling NIS support.
I am unsure how much support src:shadow actually has, and if
disabling that would be worth anything. Generally I think NIS is on
the way out.
non-shadow password systems
---------------------------
Still supported, any new Debian install starts out as non-shadow.
Once passwd gets installed, it converts the system over. However,
"unconverting" is still possible.
Unclear if "unconverting" should be removed.
I think that's all? Quite a long list anyway.
Chris
_______________________________________________
Pkg-shadow-devel mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-shadow-devel
