I'm currently trying to finish the work on the shadow package. However,
there are some decision to make:
1) Should we change the login package to be shadow aware? Or should shadow
come with its own login (that works with and without shadow password files)?
Or should we use the shadow login as standard?
I'm not sure which is the better one. I did change the standard login to be
shadow aware (easy) but I'm not sure about all the other features it has.
There are quite a lot of additional checks in the shadow login. Does anyone
has some info about this? Marek? Guy?
2) The login package also contains newgrp which has to be changed to be
shadow aware. The shadow package comes with its own newgrp source (much more
C code). So here's the same problem as under 1). Also there's the securetty
conffile that has to be included in both packages if we allow shadow to
install its own login and newgrp.
3) We definitely have to use the shadow passwd source to be able to handle
the shadowed passwd file, while the old one is needed for the standard
passwd file. But the passwd package also contains a conffile (/etc/shells)
and two more binaries that are not affected by shadow (vipw/vigr). Should I
add these to the shadow package, too?
4) Finally, how do I correctly set up the control file? I take it the
'Breaks:' option isn't implemented yet. But shadow breaks older version of
all packages that check the password.
Michael Meskes | _____ ________ __ ____
email@example.com | / ___// ____/ // / / __ \___ __________
firstname.lastname@example.org | \__ \/ /_ / // /_/ /_/ / _ \/ ___/ ___/
email@example.com | ___/ / __/ /__ __/\__, / __/ / (__ )
Use Debian Linux! | /____/_/ /_/ /____/\___/_/ /____/