[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Re^2: Another shadow question

David Frey writes:
> Guy> Is it possible for a system to be switched to or from shadow support,
> Guy> or must the decision be made on installation?  
> You simply have to replace the shadow package against it non-shadow
> counterparts: login, su, passwd etc.

As far as I know the shadow-login binary works well without shadow

> No. It was a private hack for me, so there aren't any sophisticated
> install scripts etc.

I did take David's patches, applied them to Marek's latest sources
(960415) and adjusted them accordingly. I will upload a test package later
on today. 

Right now it does install and de-install pretty well automatically. However,
there are still some problems with other packages being replaced. In detail:

1) Shadow installs its own passwd.5 manpage. This is different from the
manpages version as it contains a reference to shadow.3. I'm not sure is
that makes it worth to keep the shadow manpage.

2) Neither login not passwd are totally replaced. There are two config files
that are kept (securetty and shells) and two binaries vipw/vigr. What shall
we do with these files?

Other than that it works fine. BTW there are quite a lot of shadow aware
packages available at i17linuxb.ists.pwr.wroc.pl. I don't know which
packages should be conflicting, though. I believe there is no imapd
available that's shadow aware.

Please test this package as much as possible. 

> Guy>             I'm imagining a program, shadowconfig, that could be run
> Guy> to turn on or off shadow password support.  The other programs would
> Guy> adjust based on whether the password was in the passwd struct.  Is this
> Guy> practical?
> I don't think it's practical (but not impossible).

The postinst/prerm files do install/deinstall shadow support. And some
binaries work well with and without shadow password file. Currently I think
only sudo and wu-ftpd from the standard distribution do so. But I expect
netstd to be moved pretty soon and I still hop Dirk will put this little
patch into xlockmore. I'm running a patched version since I installed my
system but have upgraded to shadow password file a few days ago. No problem.

> Guy> shadow password support, however, would be a big feather in our cap.
> Yes, that's exactly my opinion, too.

Mine too.


Michael Meskes                   |    _____ ________ __  ____
                                 |   / ___// ____/ // / / __ \___  __________
meskes@informatik.rwth-aachen.de |   \__ \/ /_  / // /_/ /_/ / _ \/ ___/ ___/
                                 |  ___/ / __/ /__  __/\__, /  __/ /  (__  )
Use Debian Linux!		 | /____/_/      /_/  /____/\___/_/  /____/

Reply to: