Bug#1064617: Passwords should not be changed frequently

2024-03-05 Thread Philip Hands 
Justin B Rye  writes:

> Philip Hands wrote:
>> Justin B Rye  writes:
...
>> 
>> The reason behind that structure was supposed to be that one definitely
>> needs _a_ password, but not necessarily a root password, so the password
>> advice applies to whichever password you'll decide to grant root access
>> to, which might not be set here.
>
> This template is specifically about the "Root password/passphrase";

Well, sort-of, except that the user's response (whether to leave this
blank or not) modifies what happens with the user account's permissions,
so it's also about explaining the way that logic works in the installer
and what that will do to the target system.

> probably I should have quoted the patch I was looking at, which starts
> with "One needs a password/passphrase that grants access to the 'root'
> (system administrative) account" but goes on to say "Alternatively,
> you can lock root's password by leaving this setting empty".

I'm intimately familiar with the patches you're reading, so I feel like
this comment suggests that we may be talking past one another somehow.

Cheers, Phil.
-- 
Philip Hands -- https://hands.com/~phil


signature.asc
Description: PGP signature

Bug#1064617: Passwords should not be changed frequently

2024-03-05 Thread Justin B Rye 
Philip Hands wrote:
> Justin B Rye  writes:
>> It needs a small amount of rephrasing, but the most important problem
>> is that it starts by saying you need to set a password and then goes
>> on to suggest that you might not need to set a password.  Maybe that
>> can be fixed by rearranging things slightly...
>>
>>  Template: passwd/root-password
>>  Type: password
>>  # :sl1:
>>  _Description: Root password/passphrase:
>>   To allow direct password/passphrase-based access to the 'root'
>>   (system administrative) account you can set it up here.
>>   The results can be disastrous if a malicious or incompetent user
>>   obtains root access, so you should not set one that can be guessed,
>>   found in dictionaries, or easily associated with you.
>>   .
>>   Alternatively, you can lock root's password
>>   by leaving this setting empty, and
>>   instead use the system's initial user account
>>   (which will be set up in the next step)
>>   to become root. This will be enabled for you
>>   by adding that user to the 'sudo' group.
>>   .
>>   Note: what you type here will be hidden (unless you select to show it).
>>
>> Does this still feel like the same advice?
> 
> The reason behind that structure was supposed to be that one definitely
> needs _a_ password, but not necessarily a root password, so the password
> advice applies to whichever password you'll decide to grant root access
> to, which might not be set here.

This template is specifically about the "Root password/passphrase";
probably I should have quoted the patch I was looking at, which starts
with "One needs a password/passphrase that grants access to the 'root'
(system administrative) account" but goes on to say "Alternatively,
you can lock root's password by leaving this setting empty".

> I'm OK with the way you've phrased it, although my personal preference
> would be to simply drop the "disastrous" sentence if we use this
> version, because I think it breaks the straightforward flow of the text
> laying out the choice we're trying to get the user to make between the
> two available options. (I also rather doubt that anything we say at this
> point in the install will have the slightest influence on people's
> choice of password).

I can imagine people might be more likely to heed something shorter;
maybe it could be boiled down to

To allow direct password/passphrase-based access to the 'root'
(system administrative) account you can set it up here.
To protect your system you should not use one that can be guessed.

-- 
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package

Grub 2

2024-03-05 Thread Bernard LECANARD 
Hi,
I try to compile a 64bits kernel on my debian 12 32bits (with a luks2
partition on all the disk) and it not going well. My computer had a boot
problem first (when i was booting on the 64bit kernel) :
1) problem on the screen
2) problem for the luks 2 (password recognise)
3) swap not good

So touch my fstab, and then my computer refuse to boot at all (grub rescue
and all) :
1) Try to actived the normal mod (not such file)
2) Try to reinstall the grub in 32 and 64 bit (change but no recognised
password)
3) Try to actived the os prober (same issue, see the 2))

Now im stock the bootrepair, say that to me :
"Please enable a repository containing the [linux-generic] packages in the
software sources of Debian GNU/Linux 12 (bookworm)
(/dev/mapper/Albert--vg-root). Then try again"
 and that too :
"Please enable a repository containing the [grub2] packages in the software
sources of Debian GNU/Linux 12 (bookworm) (/dev/mapper/Albert--vg-root).
Then try again."

Im stuck here for now, how do i actived this repository on boot repair -
Linuxmint 21.2 Victoria?

Thank you

Bug#1064617: Passwords should not be changed frequently

2024-03-05 Thread Philip Hands 
Justin B Rye  writes:

> Holger Wansing wrote:
>> @d-l10n-english: hey guys, we would like to get a proposal reviewed, 
>> which aims to improve the root/user password screens in the installer.
>> 
>> Please find the related merge request at
>> 
>
> It needs a small amount of rephrasing, but the most important problem
> is that it starts by saying you need to set a password and then goes
> on to suggest that you might not need to set a password.  Maybe that
> can be fixed by rearranging things slightly...
>
>  Template: passwd/root-password
>  Type: password
>  # :sl1:
>  _Description: Root password/passphrase:
>   To allow direct password/passphrase-based access to the 'root'
>   (system administrative) account you can set it up here.
>   The results can be disastrous if a malicious or incompetent user
>   obtains root access, so you should not set one that can be guessed,
>   found in dictionaries, or easily associated with you.
>   .
>   Alternatively, you can lock root's password
>   by leaving this setting empty, and
>   instead use the system's initial user account
>   (which will be set up in the next step)
>   to become root. This will be enabled for you
>   by adding that user to the 'sudo' group.
>   .
>   Note: what you type here will be hidden (unless you select to show it).
>
> Does this still feel like the same advice?

The reason behind that structure was supposed to be that one definitely
needs _a_ password, but not necessarily a root password, so the password
advice applies to whichever password you'll decide to grant root access
to, which might not be set here.

I'm OK with the way you've phrased it, although my personal preference
would be to simply drop the "disastrous" sentence if we use this
version, because I think it breaks the straightforward flow of the text
laying out the choice we're trying to get the user to make between the
two available options. (I also rather doubt that anything we say at this
point in the install will have the slightest influence on people's
choice of password).

> Otherwise the only thing I see is:
>
>  Template: passwd/user-password
>  Type: password
>  # :sl1:
>  _Description: Choose a password/passphrase for the new user:
>   Make sure to select a strong password/passphrase, that cannot be guessed.
>
> No comma needed there.

Well done -- I kept noticing that, and somehow didn't get round to
fixing it. I've now deleted it, so thanks for pointing it out again. :-)

Cheers, Phil.
-- 
Philip Hands -- https://hands.com/~phil


signature.asc
Description: PGP signature

Bug#1064617: Passwords should not be changed frequently

2024-03-05 Thread Justin B Rye 
Holger Wansing wrote:
> @d-l10n-english: hey guys, we would like to get a proposal reviewed, 
> which aims to improve the root/user password screens in the installer.
> 
> Please find the related merge request at
> 

It needs a small amount of rephrasing, but the most important problem
is that it starts by saying you need to set a password and then goes
on to suggest that you might not need to set a password.  Maybe that
can be fixed by rearranging things slightly...

 Template: passwd/root-password
 Type: password
 # :sl1:
 _Description: Root password/passphrase:
  To allow direct password/passphrase-based access to the 'root'
  (system administrative) account you can set it up here.
  The results can be disastrous if a malicious or incompetent user
  obtains root access, so you should not set one that can be guessed,
  found in dictionaries, or easily associated with you.
  .
  Alternatively, you can lock root's password
  by leaving this setting empty, and
  instead use the system's initial user account
  (which will be set up in the next step)
  to become root. This will be enabled for you
  by adding that user to the 'sudo' group.
  .
  Note: what you type here will be hidden (unless you select to show it).

Does this still feel like the same advice?

Otherwise the only thing I see is:

 Template: passwd/user-password
 Type: password
 # :sl1:
 _Description: Choose a password/passphrase for the new user:
  Make sure to select a strong password/passphrase, that cannot be guessed.
  ^
No comma needed there.
-- 
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package

Bug#1064617: Passwords should not be changed frequently

2024-03-05 Thread Philip Hands 
Cyril Brulebois  writes:

> Philip Hands  (2024-03-05):
>> Cool, in that case I'll fix those two things and then use the result
>> for the MR[1], and if the openQA test runs look OK, will merge that.
>
> Only skimmed over it, but that looks sensible, thanks all.
>
> Is it worth getting d-l-english involved in a final review before
> getting that translated?  Contrary to a lot of not-so-critical l10n
> material, that particular screen is crucial, and I'd hate it if we
> wasted translator efforts due to a missed typo or obvious improvement.

I'm happy with doing that, and we might as well get it right given that
it's been ~12 years since the first bug, so a few more days makes no
odds.

I'm pretty sympathetic with the idea of simply dropping the password
advice (as just mentioned by Diederik) but it seems that Holger prefers
to keep it in -- either is fine with me.

BTW I don't know much about how the translation side of things works,
but given that there are many ways of getting the fine detail of this to
be incorrect in various ways, is there a standard method for adding
hints for translators, and should that be done?

Cheers, Phil.
-- 
Philip Hands -- https://hands.com/~phil


signature.asc
Description: PGP signature

Bug#1064617: Passwords should not be changed frequently

2024-03-05 Thread Holger Wansing 
Hi all,

Am 5. März 2024 19:28:25 MEZ schrieb Cyril Brulebois :
>Philip Hands  (2024-03-05):
>> Cool, in that case I'll fix those two things and then use the result
>> for the MR[1], and if the openQA test runs look OK, will merge that.
>
>Only skimmed over it, but that looks sensible, thanks all.
>
>Is it worth getting d-l-english involved in a final review before
>getting that translated? Contrary to a lot of not-so-critical l10n
>material, that particular screen is crucial, and I'd hate it if we
>wasted translator efforts due to a missed typo or obvious improvement.

Good idea.

@d-l10n-english: hey guys, we would like to get a proposal reviewed, 
which aims to improve the root/user password screens in the installer.

Please find the related merge request at


There was some (more) discussion / various attempts on finding
the correct wording, most of which can be found in



Maybe we should have put d-l10n-english into the loop earlier, sorry for not
doing that.


Holger


-- 
Sent from /e/ OS on Fairphone3

Bug#1064617: Passwords should not be changed frequently

2024-03-05 Thread Diederik de Haas 
On Tuesday, 5 March 2024 19:28:25 CET Cyril Brulebois wrote:
> Philip Hands  (2024-03-05):
> > Cool, in that case I'll fix those two things and then use the result
> > for the MR[1], and if the openQA test runs look OK, will merge that.
> 
> Only skimmed over it, but that looks sensible, thanks all.
> 
> Is it worth getting d-l-english involved in a final review before
> getting that translated? Contrary to a lot of not-so-critical l10n
> material, that particular screen is crucial, and I'd hate it if we
> wasted translator efforts due to a missed typo or obvious improvement.

I had started a reply before I had to get out the door, so I'll just keep it 
to one suggestion, which may seem a bit 'radical':

How about getting rid of the password advise entirely from the d-i screen?

We could still make educational resources with f.e. tips on passwords/
passphrases in f.e. the wiki, but it's not the job or the (best) place to put 
such things in the d-i screens?

signature.asc
Description: This is a digitally signed message part.

Bug#1064617: Passwords should not be changed frequently

2024-03-05 Thread Cyril Brulebois 
Philip Hands  (2024-03-05):
> Cool, in that case I'll fix those two things and then use the result
> for the MR[1], and if the openQA test runs look OK, will merge that.

Only skimmed over it, but that looks sensible, thanks all.

Is it worth getting d-l-english involved in a final review before
getting that translated? Contrary to a lot of not-so-critical l10n
material, that particular screen is crucial, and I'd hate it if we
wasted translator efforts due to a missed typo or obvious improvement.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1064617: Passwords should not be changed frequently

2024-03-05 Thread Philip Hands 
Holger Wansing  writes:

> Hi,
>
> Am 5. März 2024 15:01:21 MEZ schrieb Philip Hands :
>>Here are my latest attempts:
>
> "Be aware that that a ..."
> doubled "that"
>
> "... (unless you select to show it)"
> missing fullstop.

Well spotted - Thanks :-)

> Otherwise: looks good to me.

Cool, in that case I'll fix those two things and then use the result for
the MR[1], and if the openQA test runs look OK, will merge that.

Cheers, Phil.

[1] https://salsa.debian.org/installer-team/user-setup/-/merge_requests/7
-- 
Philip Hands -- https://hands.com/~phil


signature.asc
Description: PGP signature

Bug#1064617: Passwords should not be changed frequently

2024-03-05 Thread Holger Wansing 
Hi,

Am 5. März 2024 15:01:21 MEZ schrieb Philip Hands :
>Here are my latest attempts:

"Be aware that that a ..."
doubled "that"

"... (unless you select to show it)"
missing fullstop.

Otherwise: looks good to me.


Holger



-- 
Sent from /e/ OS on Fairphone3

Bug#1065463: debootstrap can deal with native dpkg file replacement feature

2024-03-05 Thread Holger Levsen 
On Tue, Mar 05, 2024 at 08:36:59AM +0800, Steven Shiau wrote:
> debootstrap should be able to solve the libuuid1t64 dependency by installing
> libuuid1 only.

just in case you are not aware, bootstrapping using either mmdebstrap or
cdebootstrap works atm. mmdebstrap is faster and mostly a drop-in replacement.
(same applies to cdebootstrap but its less faster :)

daily tests are available at:

https://jenkins.debian.net/job/reproducible_debootstrap_unstable/
https://jenkins.debian.net/job/reproducible_cdebootstrap_unstable/
https://jenkins.debian.net/job/reproducible_mmdebstrap_unstable/


-- 
cheers,
Holger

 ⢀⣴⠾⠻⢶⣦⠀
 ⣾⠁⢠⠒⠀⣿⡁  holger@(debian|reproducible-builds|layer-acht).org
 ⢿⡄⠘⠷⠚⠋⠀  OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
 ⠈⠳⣄

Where will you go when you become a climate refugee?


signature.asc
Description: PGP signature