[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#294783: passwd: root-password-again and user-password-again should be "critical"

tags 294783 wontfix

Quoting Carlos Parra Camargo (carlospc@gmail.com):
> Package: passwd
> Version: 1:4.0.3-30.9
> Severity: wishlist
> user-password-again and root-password-again are "high" priority. The
> should be "critical" priority, it's very dangerous ask just one time the
> password.
> debian/passwd.config:     db_input high passwd/user-password-again 
>                                    ^^^^
> debian/passwd.config:     db_input high passwd/root-password-again
>                                    ^^^^

Using the critical priority during installs means you are ready to
minimize the user interaction as much as possible. For that reason,
the password confirmation dialog was set to high because this
information is, strictly speaking, not absolutely necessary for the
package to be operational.

See debconf-devel(7)...

INPUT priority question
       Items that will probably break the system without user intervention.

The lack of the shadow/root-password-again entry will not break the
system. Only the user mistake will.

There is no real danger in a root password entry mistake during the
system setup as you're very likely to notice the mistake immediately at
the end of the install and then fix this through the usual methods in
such cases.

So, I don't really see a need for this change to occur and certainly
not before sarge release.

Reply to: