Re: debconf best practices: how to ask for a password?
>>>>> "Joey" == Joey Hess <joeyh@debian.org> writes:
Joey> Francois Marier wrote:
>> Now the problem (see bug #462658) is that if you ever put a non-empty
>> password there, then, you can no longer get rid of it after
>> dpkg-reconfiguring the package. debconf seems to be ignoring empty password
>> fields and still returns the previous value.
Joey> This is a deficiency in debconf's UIs for prompting for password. Since
Joey> there's generally no sane way to display the old password as the default
Joey> and allow users to change it or delete the password entirely, debconf
Joey> instead displays no password, and if the user enters nothing, assumes
Joey> they meant to enter the old password unchanged.
This is really confusing UI. To me, as a user, it would appear there
is no way of reusing the old password, and it would appear that
pushing enter will result in the password being truncated. In fact
this is what probably would happen if the system has forgotten the
password entered for some reason (maybe it was never entered via
debconf before).
In the past I have almost filled bug reports against certain packages
because I have had to reenter the passwords on every upgrade, even
though it already knows the details. There is no way for a user to
know if debconf has an old password on record or not.
Can you replace the password with stars? This way you can see if there
is a password or not, and you get visual feedback when entering a
password that it is being received too (another issue I have had in
the past; not sure why it confused me so much now).
--
Brian May <bam@snoopy.debian.net>
Reply to: