Re: Shadow passwords and GNU su
Tom Lees:
> But if Debian is supposed to be moving to shadow in general anyway, why
> give new users the (rather confusing) choice?
Right now, the shadow packages need more testing. Maybe later...
Many people run single user systems and don't need shadow passwords.
> > samba-1.9.16p9 works just fine with both shadow and non-shadow
> ^^^^^^^^^^^^^^^^^^^^^^^^^^
> > passwords. No changes required.
>
> Well, it didn't for me. I tried the binary version currently in bo, and it
> breaks without shadow passwords - is this a bug in shadow or samba? Then,
I have the binary version currently in rex, and it works. The version
currently in bo is a symlink to the one in rex :-). I reinstalled it
just to be sure, and it's exactly the same version. Very strange...
> > # cd /usr/X11R6/bin && mv xdm-shadow xdm
> > (works with both shadow and non-shadow passwords, too)
>
> Not so sure - else why supply both? See above.
Old versions of X had two separate binaries, xdm-shadow (only for shadow
passwords) and xdm (only for non-shadow passwords). Later, the code has
been modified to work with both shadow and non-shadow passwords (if
compiled with shadow support), but somehow the old Imakefile was used.
I have reported this to the XFree86 people, and they promised to fix it
in the next release.
> > What is the problem with useradd, that we really shouldn't be using it?
> > Inquiring minds want to know...
>
> It doesn't follow the Debian way of doing userIDs. What I meant was not to
What is the official correct Debian way of doing userIDs? I know it has
been discussed a lot, but I don't know if any consensus has been reached.
BTW, the new UID range for useradd is configurable.
> I'll do that then. But do we now need a new virtual package - 'su'? (GNU
> su should be marked Essential, as should shadow-su - but we only want one
> of them installed - how will dpkg and dselect handle this?)
Like login vs shadow-login, I think... shadow-login Provides, Replaces,
and Conflicts login. Both are marked Essential. It seems to work well.
Marek
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: