[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#944329: debian-policy: Unclear text about password files modifications

Guillem Jover <guillem@debian.org> writes:

> There's this text in section §9.2.1:

>   ,---
>   Packages other than "base-passwd" must not modify "/etc/passwd",
>   "/etc/shadow", "/etc/group" or "/etc/gshadow".
>   `---

> It's not clear to me, whether this refers to the packaging or any
> program provided by that package. Depending on the reading this would
> make the passwd package buggy. So it might be worth clarifying probably
> by adding "passwd" to the exception.

I thought this was more complicated and other packages like adduser might
modify those files directly, but it looks like this isn't the case and
everything else uses the commands in passwd.  So I think we can just say
this:

    Packages other than ``base-passwd`` and ``passwd`` must not directly
    modify ``/etc/passwd``, ``/etc/shadow``, ``/etc/group`` or
    ``/etc/gshadow``.

I added "directly" since of course adduser modifies /etc/passwd
indirectly, as does every package that calls adduser in its maintainer
scripts.

-- 
Russ Allbery (rra@debian.org)              <https://www.eyrie.org/~eagle/>
Reply to: