Bug#1064617: Passwords should not be changed frequently

2024-03-02 Thread Holger Wansing
Hi,

On 2 March 2024 21:07:34 CET, Philip Hands wrote:
>
>This sentence is the thing that prompted me to change things in the
>first place, because it is not true. One does not _need_ to set a root
>password.

It should be understood as 
"If you want to enable login as root, you have to set a root password now."

And in expert mode it is in fact working this way:
At first, you are asked if you want to enable login as root. If you answer yes 
here, you are prompted to set a root password. 
And at that point it is indeed required to set a root password, since you 
chose to enable root login in the first question and the installer does not
allow an empty password for root.

To make it work in default install, we could change the question as
in above citation.

>I don't actually care very much whether we encourage sudo use. My
>wording ended up (after many variations) quite strongly encouraging it
>mostly as an antidote to the implication that comes from having a
>question dedicated to setting the root password, but I'd be happy with
>any wording that makes sure that people understand that both options are
>totally fine.

The sudo possibility is also mentioned:

'The root user should not have an empty password. If you leave this
empty, the root account will be disabled and the system's initial user
account will be given the power to become root using the "sudo"
command.'

I have rephrased that a bit, see below.

>The other thing that I was trying to ensure is that people are reassured
>that they'll get to specify a password that will get them root access even if
>they decide to leave the root password unset.  This is because I've seen
>people become quite uncertain about what to expect at this point in the
>install.
>
>I've found that it is not easy to come up with things that include much
>nuance about this, while still fitting in the space available, which is
>why I decided to try a more opinionated approach.
>
>One could soften what I wrote by replacing "generally recommended" with
>something like "often appropriate" -- how does that seem to people?

Your proposal focusses too much on the sudo way IMO.
We risk getting complaints from people who miss advice regarding the
enabled root login.

I have rephrased the dialog a bit, to make the sudo way more visible and
easier to understand.

>One can of course tinker with this stuff indefinitely. I actually spent
>a fair amount of time wondering how best to describe not setting a root
>password for instance -- should one say "leave the password unset", "set
>an empty password", "enter no password", or something like "just hit
>"? (and does that last one actually apply to all the available
>UIs?).
>
>The same goes for how you say that the password is not going to get
>shown (unless you ask for it to be shown), which in the GTK UI gets
>characters replaced with dots, IIRC in the text UI it's with asterisks,
>and I'd guess it just gets completely hidden in the speech install.

I think that's not much of a problem. People are used to the situation
that passwords are not shown, but replaced by asterisks or similar.
And we have the checkbox for showing it in clear text, that should be
enough.


Updated patch attached.


Holger



diff --git a/debian/user-setup-udeb.templates b/debian/user-setup-udeb.templates
index cdb6d78..7393511 100644
--- a/debian/user-setup-udeb.templates
+++ b/debian/user-setup-udeb.templates
@@ -34,21 +34,19 @@ Template: passwd/root-password
 Type: password
 # :sl1:
 _Description: Root password:
- You need to set a password for 'root', the system administrative
- account. A malicious or unqualified user with root access can have
+ If you want to allow login as root, you need to set a password for 'root',
+ the system administrative account now.
+ A malicious or unqualified user with root access can have
  disastrous results, so you should take care to choose a root password
- that is not easy to guess. It should not be a word found in dictionaries,
- or a word that could be easily associated with you.
+ that cannot be guessed. It should not be a word found in dictionaries,
+ or something that could be easily associated with you.
  .
- A good password will contain a mixture of letters, numbers and punctuation
- and should be changed at regular intervals.
+ You can also leave the password for root empty here, to disable the root
+ account; the system's initial user account (which will be set up in the next
+ step) will then be given the power to become root using the "sudo" command.
  .
- The root user should not have an empty password. If you leave this
- empty, the root account will be disabled and the system's initial user
- account will be given the power to become root using the "sudo"
- command.
- .
- Note that you will not be able to see the password as you type it.
+ Note that you will not be able to see the password as you type it (except if
+ you choose to show it in clear text).
 
 Template: passwd/root-password-again
 Type: password
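Review bot: the first added sentence of the _Description reads awkwardly because "now" is attached to the appositive ("the system administrative account now"); suggest "If you want to allow login as root, you need to set a password now for 'root', the system administrative account." Second, "a root password that cannot be guessed" promises more than any password can deliver; the removed wording "that is not easy to guess" (or "that is hard to guess") is the accurate claim and should be kept. Third, the new parenthetical "(except if you choose to show it in clear text)" assumes every installer frontend offers such an option; the thread itself asks whether this kind of detail applies to all available UIs (GTK, text, speech), so that should be confirmed before it is fixed in an sl1 template string.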

Bug#1064617: Passwords should not be changed frequently

2024-03-02 Thread Diederik de Haas
On Saturday, 2 March 2024 21:07:34 CET Philip Hands wrote:
> I don't actually care very much whether we encourage sudo use.

A person who I consider very knowledgeable deliberately went for sudo and 
disabled the root account for security reasons. It was an image provided by 
him that I ended up nuking as I didn't know if/how I could rescue that system 
because it had no root account I could use.
I guess my knowledge (and certainly habits) are dated now.

> The other thing that I was trying to ensure is that people are reassured
> that they'll get to specify a password that will get them root access even
> if they decide to leave the root password unset.  This is because I've seen
> people become quite uncertain about what to expect at this point in the
> install.

You (both) obviously have more experience in these situations.

My response was based on Holger's suggestion. While I did read through various 
things, I missed the most important one:
https://openqa.debian.net/tests/238094#step/passwords/1 

That screen and wording looks pretty good :)

> I've found that it is not easy to come up with things that include much
> nuance about this, while still fitting in the space available, which is
> why I decided to try a more opinionated approach.

My suggestion took considerable time to formulate (and I was still not very 
pleased with it) as I ran into the same problem.
*IF* we want more nuance/details, the install screens aren't the place.

I can get hung up too much on certain words (like 'passwords') and that's 
generally not very helpful. What I do (still) care about is getting rid of the 
"At least a capital letter and a special character" and that is absent from 
the "passwords/1" screen :)



Bug#1064617: Passwords should not be changed frequently

2024-03-02 Thread Philip Hands
Diederik de Haas  writes:

> Hi,
>
> On Friday, 1 March 2024 20:46:49 CET Holger Wansing wrote:
>> Philip Hands  wrote (Fri, 01 Mar 2024 06:46:27 +0100):
>> > If you want to make a constructive contribution, how about suggesting a
>> > wording that reflects the advice that you think would be most useful to
>> > the people that actually read the advice?
>> 
>> I would like to make a proposal, leaving the default setting as is
>> (aka: default to an enabled root account, no sudo), with only some wording
>> changings.
>> 
>> Patch attached.
>> 
>> What do you think?
>
> I think it's an improvement and I have some suggestions, which hopefully
> make it even better. I don't have a git-diff, but hopefully this works too.
>
> I'm not a native English speaker or particularly good at this, so it's more 
> the direction than the exact wording that's important. Others can undoubtedly 
> improve upon it.
>
>  _Description: Root password:
> "You need to set a password for 'root', the system administrative account.

This sentence is the thing that prompted me to change things in the
first place, because it is not true. One does not _need_ to set a root
password.

I don't actually care very much whether we encourage sudo use. My
wording ended up (after many variations) quite strongly encouraging it
mostly as an antidote to the implication that comes from having a
question dedicated to setting the root password, but I'd be happy with
any wording that makes sure that people understand that both options are
totally fine.

The other thing that I was trying to ensure is that people are reassured
that they'll get to specify a password that will get them root access even if
they decide to leave the root password unset.  This is because I've seen
people become quite uncertain about what to expect at this point in the
install.

I've found that it is not easy to come up with things that include much
nuance about this, while still fitting in the space available, which is
why I decided to try a more opinionated approach.

One could soften what I wrote by replacing "generally recommended" with
something like "often appropriate" -- how does that seem to people?

One can of course tinker with this stuff indefinitely. I actually spent
a fair amount of time wondering how best to describe not setting a root
password for instance -- should one say "leave the password unset", "set
an empty password", "enter no password", or something like "just hit
"? (and does that last one actually apply to all the available
UIs?).

The same goes for how you say that the password is not going to get
shown (unless you ask for it to be shown), which in the GTK UI gets
characters replaced with dots, IIRC in the text UI it's with asterisks,
and I'd guess it just gets completely hidden in the speech install.

Cheers, Phil.
-- 
Philip Hands -- https://hands.com/~phil




Bug#769738: marked as done (debian-installer: Please automatically mount /usr in rescue mode)

2024-03-02 Thread Pascal Hambourg

On 02/03/2024 at 15:45, Debian Bug Tracking System wrote:

> Your message dated Sat, 2 Mar 2024 15:42:38 +0100
> with message-id 
> and subject line Re: #769738: split usr is unsupported

Seriously?

> has caused the Debian Bug report #769738,
> regarding debian-installer: Please automatically mount /usr in rescue mode
> to be marked as done.


This bug is a duplicate of #1000239 which was fixed in rescue 1.86.



Bug#769738: marked as done (debian-installer: Please automatically mount /usr in rescue mode)

2024-03-02 Thread Debian Bug Tracking System
Your message dated Sat, 2 Mar 2024 15:42:38 +0100
with message-id 
and subject line Re: #769738: split usr is unsupported
has caused the Debian Bug report #769738,
regarding debian-installer: Please automatically mount /usr in rescue mode
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
769738: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769738
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: debian-installer
Severity: wishlist

Rescue mode currently asks the user if she wants to mount a separate
/boot partition. The same should probably happen for /usr.
Preferably, this could be automatically detected (empty dirs and/or
entries in fstab in target?)

Thanks,
Christian
--- End Message ---
--- Begin Message ---
Looks like my old report became obsolete.
--- End Message ---
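The detection the original report asks for, as an added example that is not code from debian-installer or the rescue package: a POSIX sh sketch applying the two heuristics named in the report, an entry for /usr in the target's fstab and an empty /usr directory on the mounted root. The function names, the target path and the sample fstab are constructed for this illustration and are assumptions, not part of any installer component.

```shell
#!/bin/sh
# Added example (not debian-installer/rescue code): decide whether a target
# system keeps /usr on a separate filesystem, using the two signals the bug
# report proposes: an fstab entry for /usr and/or an empty /usr directory.

# Print the fs_spec (device/UUID) of the fstab entry whose mount point is /usr.
# Returns 1 if there is no such entry. Comment and blank lines are skipped.
fstab_usr_source() {
    fstab="$1"
    [ -r "$fstab" ] || return 1
    # fstab fields: fs_spec fs_file fs_vfstype fs_mntops fs_freq fs_passno
    awk '$0 !~ /^[[:space:]]*#/ && NF >= 2 && $2 == "/usr" { print $1; found = 1; exit }
         END { exit found ? 0 : 1 }' "$fstab"
}

# Returns 0 if the directory exists and is empty, which is what an unmounted
# separate /usr looks like from the root filesystem; 1 otherwise.
dir_is_empty() {
    dir="$1"
    [ -d "$dir" ] || return 1
    # ls -A lists everything except . and .., so empty output means empty dir
    [ -z "$(ls -A "$dir")" ]
}

# Combine both signals for a target root mounted at $1 and print one of:
#   "separate <fs_spec>"  fstab declares /usr as its own mount
#   "probably-separate"   no fstab entry, but /usr on the root fs is empty
#   "merged"              /usr lives on the root filesystem
classify_usr() {
    target="$1"
    if src=$(fstab_usr_source "$target/etc/fstab"); then
        echo "separate $src"
        return 0
    fi
    if dir_is_empty "$target/usr"; then
        echo "probably-separate"
        return 0
    fi
    echo "merged"
}

# Build a constructed target tree for demonstration (sample data, not a real
# system). Prints the temporary directory that plays the role of /target.
make_demo_target() {
    t=$(mktemp -d)
    mkdir -p "$t/etc" "$t/usr"
    cat > "$t/etc/fstab" <<'EOF'
# /etc/fstab: constructed sample for the example
UUID=0000-root  /      ext4  errors=remount-ro  0  1
UUID=0000-usr   /usr   ext4  defaults           0  2
UUID=0000-boot  /boot  ext4  defaults           0  2
EOF
    echo "$t"
}

# Stand-alone run: classify the constructed target and clean up.
demo=$(make_demo_target)
classify_usr "$demo"
rm -rf "$demo"
```

In a rescue context the fstab signal is the reliable one; the empty-directory check is only a fallback, since an empty /usr on the root filesystem could also mean a broken installation rather than a separate mount, which is why the function reports it as "probably-separate" rather than as a definite answer.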