[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFC auth patch

Frans Pop <elendil@planet.nl> writes:

>> Index: manual/en/appendix/preseed.xml
>> ===================================================================
>> +#d-i debian-installer/allowunauthenticated string true
> Shouldn't this parameter be documented as a boot parameter too? Would it 
> be worth creating an alias for it (as it is very long in its raw form)?

I don't like the idea to make too easy to install without authentication.

> Also, I'd suggest debian-installer/allow_unauthenticated for readability.


>> Index: packages/base-installer/debian/postinst
> [...]
>> +	cat > /target/etc/apt/apt.conf.d/00AllowUnauthenticated << EOT
>> +# Force apt to ignore auth issues.
>> +# Warning: This configuration is insecure and not recommended!
>> +APT::Get::AllowUnauthenticated "true";
>> +EOT
> Should this be really be kept by default for the target system? If so, 
> that should be documented very clearly.

Indeed. It could be removed on finish-install and leaving the final
system _asking_ about the unauthenticated package install every time.

        O T A V I O    S A L V A D O R
 E-mail: otavio@debian.org      UIN: 5906116
 GNU/Linux User: 239058     GPG ID: 49A5F855
 Home Page: http://otavio.ossystems.com.br
"Microsoft sells you Windows ... Linux gives
 you the whole house."

Reply to: