[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Moving root password management and first user creation out of 2nd stage



> 4) Run dpkg-reconfigure passwd from inside d-i using the passthrough
>    frontend to let it talk to the user with cdebconf.

Well, sure. I was ignorant enough for even not imagining this is
actually possible..:-)

> That's what I'm hoping to do for this and a lot of other parts of
> base-config (notably tasksel). There's no reason to use udebs for this
> stuff. There was a reason to use udebs for clock, timezone, and apt
> setup, since they can be simplified by being tied into the installer
> and/or by running before there is a base system.
> 
> > passwd config script is fairly simple and actually does something ONLY
> > on "reconfigure" so, in (very) short, it is only useful on new systems
> > installs.
> 
> That's a good point and if the passwd mantainers prefer to not have the
> password prompting in there for that reason we can come up with another
> approach, but I still don't see a reason to do it in code that runs in
> the d-i environment as opposed to code that runs in the base system.

On argument for a udeb could be that this code is in passwd ONLY for
new installs purposes. So, in short, this is d-i code embedded in
another package. There is no real point in doing what's in passwd
configure script on a live system. There are easier ways to change the
root's password...and create a new user.

For the moment, at least one of the maintainer of shadow is also part
of the d-i team, so that's not a big deal.

However, even with this advantage, this forces us (the shadow
maintainers) to keep attention on concerns which are actually part of
d-i concerns (preseeding passwords for instance).


> Anyway, the next bits I really want to deal with in base-config after
> the beta are: 
>   - finishing moving apt-setup out
>   - then removing the redundant keyboard and hostname setup stuff
>     (after making sure d-i configures them appropriatly in all cases)
>   - and only then worrying about passwd, second-stage preseeding,
>     tasksel, and exim setup.


OK, then. I get the point: no hurry and, anyway, even if we move
things to 1st stage, the current code will be sued so I can keep on
improving it (for instance the MD5 hash preseeding feature).




Reply to: