Re: RFC auth patch
Frans Pop <elendil@planet.nl> writes:
>> Index: manual/en/appendix/preseed.xml
>> ===================================================================
>> +#d-i debian-installer/allowunauthenticated string true
>
> Shouldn't this parameter be documented as a boot parameter too? Would it
> be worth creating an alias for it (as it is very long in its raw form)?
I don't like the idea to make too easy to install without authentication.
> Also, I'd suggest debian-installer/allow_unauthenticated for readability.
Ack.
>> Index: packages/base-installer/debian/postinst
> [...]
>> + cat > /target/etc/apt/apt.conf.d/00AllowUnauthenticated << EOT
>> +# Force apt to ignore auth issues.
>> +# Warning: This configuration is insecure and not recommended!
>> +APT::Get::AllowUnauthenticated "true";
>> +EOT
>
> Should this be really be kept by default for the target system? If so,
> that should be documented very clearly.
Indeed. It could be removed on finish-install and leaving the final
system _asking_ about the unauthenticated package install every time.
--
O T A V I O S A L V A D O R
---------------------------------------------
E-mail: otavio@debian.org UIN: 5906116
GNU/Linux User: 239058 GPG ID: 49A5F855
Home Page: http://otavio.ossystems.com.br
---------------------------------------------
"Microsoft sells you Windows ... Linux gives
you the whole house."
Reply to: