Re: Request for review change in user-setup template
Quoting Justin B Rye (j...@edlug.org.uk): The root user should not have an empty password. If you leave this empty, the root account will be disabled and the system's initial user account will be given the power to become root using the sudo command. And the root account will be disabled is useful information. All that's left is: mind the quotes round sudo! OK. So, Luk, this is the final proposal we come up with: The root user should not have an empty password. If you leave this empty, the root account will be disabled and the system's initial user account will be given the power to become root using the sudo command. signature.asc Description: Digital signature
Re: Request for review change in user-setup template
Christian Perrier wrote: Quoting Justin B Rye (j...@edlug.org.uk): The root user should not have an empty password. If you leave this empty, the root account will be disabled and the system's initial user account will be given the power to become root using the sudo command. And the root account will be disabled is useful information. All that's left is: mind the quotes round sudo! OK. So, Luk, this is the final proposal we come up with: The root user should not have an empty password. If you leave this empty, the root account will be disabled and the system's initial user account will be given the power to become root using the sudo command. Ok, I'll commit this now. Cheers Luk -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Request for review change in user-setup template
Christian Perrier bubu...@debian.org writes: The root user should not have an empty password. If you leave this empty, the root account will be disabled and the system's initial user account will be given the power to become root using the sudo command. I would s/leave this empty/do not specify a root password/ to be clearer, but the above isn't necessarily bad. -- \ “We demand rigidly defined areas of doubt and uncertainty!” | `\—Vroomfondel, _The Hitch-Hiker's Guide To The Galaxy_, Douglas | _o__)Adams | Ben Finney pgpYhuUEwmMHH.pgp Description: PGP signature
Request for review change in user-setup template
Hi Below is the change to the user-setup-udeb templates I intend to commit, please review it. Cheers Luk --- debian/user-setup-udeb.templates(revision 57747) +++ debian/user-setup-udeb.templates(working copy) @@ -43,6 +43,10 @@ A good password will contain a mixture of letters, numbers and punctuation and should be changed at regular intervals. . + Choosing an empty root password is not allowed. If you choose an empty + password, then a user account will be created and given the power to + become root using the 'sudo' command. + . Note that you will not be able to see the password as you type it. Template: passwd/root-password-again -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Request for review change in user-setup template
Quoting Luk Claes (l...@debian.org): --- debian/user-setup-udeb.templates (revision 57747) +++ debian/user-setup-udeb.templates (working copy) @@ -43,6 +43,10 @@ A good password will contain a mixture of letters, numbers and punctuation and should be changed at regular intervals. . + Choosing an empty root password is not allowed. If you choose an empty + password, then a user account will be created and given the power to + become root using the 'sudo' command. + . Note that you will not be able to see the password as you type it. Hmmm, the templates says that using an empty password is not allowed and *then* that choosing one will switch to sudo mode. That can be confusing. Also, the templates gives the feeling that the user account will be created *only* when choosing an empty password, which is of course not true..:-) I'd suggest: If the password is left empty, the unprivileged account that is created in next steps will be granted with the power to become root using the sudo command. PS: we should by the way make sure that something yells out if: - sudo mode is chosen - the unprivileged account creation is refused signature.asc Description: Digital signature
Re: Request for review change in user-setup template
Quoting Justin B Rye (j...@edlug.org.uk): Setting an empty root password is not allowed. If you specify an empty password, the system's initial user account will be given the power to become root using the 'sudo' command[ without a password]. That still leaves us with This is not allowed. If you di it, blah blahwhich anybody will immediately answe: So? Is it allowed *or not*? I propose: The root user should not have an empty password. If you leave this empty, the root account will be disabled and the system's initial user account will be given the power to become root using the sudo command. (and this is not without a password) signature.asc Description: Digital signature
Re: Request for review change in user-setup template
Christian Perrier wrote: Quoting Luk Claes (l...@debian.org): + Choosing an empty root password is not allowed. If you choose an empty + password, then a user account will be created and given the power to + become root using the 'sudo' command. Hmmm, the templates says that using an empty password is not allowed and *then* that choosing one will switch to sudo mode. That can be confusing. Also, the templates gives the feeling that the user account will be created *only* when choosing an empty password, which is of course not true..:-) It certainly had me fooled - I had no idea it didn't mean what it said. And I'm still not clear whether it means plain sudoing privileges or NOPASSWD sudoing privileges... I'd suggest: If the password is left empty, the unprivileged account that is created in next steps will be granted with the power to become root using the sudo command. The account sounds fairly privileged to me, and is created in next steps needs work. My best guess so far: Setting an empty root password is not allowed. If you specify an empty password, the system's initial user account will be given the power to become root using the 'sudo' command[ without a password]. -- JBR with qualifications in linguistics, experience as a Debian sysadmin, and probably no clue about this particular package -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Request for review change in user-setup template
Christian Perrier wrote: Quoting Justin B Rye (j...@edlug.org.uk): Setting an empty root password is not allowed. If you specify an empty password, the system's initial user account will be given the power to become root using the 'sudo' command[ without a password]. That still leaves us with This is not allowed. If you di it, blah blahwhich anybody will immediately answe: So? Is it allowed *or not*? Specifying an empty password is allowed, but it doesn't set an empty root password. Still, your approach is much clearer: The root user should not have an empty password. If you leave this empty, the root account will be disabled and the system's initial user account will be given the power to become root using the sudo command. And the root account will be disabled is useful information. All that's left is: mind the quotes round sudo! -- JBR with qualifications in linguistics, experience as a Debian sysadmin, and probably no clue about this particular package -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
