Hi, On Tue, 2 Aug 2016 11:45:40 +0200 Andreas Henriksson <andr...@fatal.se> wrote: > Hello Laurent Bigonville. > > Thanks for opening this bug report. I remember we've touched on this > subject inside another bug report but I feel it's useful to have a > separate on-topic discussion about this... > > On Tue, Aug 02, 2016 at 11:01:56AM +0200, Laurent Bigonville wrote: > > Package: util-linux > > Version: 2.28-6 > > Severity: normal > > > > Hi, > > > > ATM, on debian, login, su, ... are provided by the shadow package. > > Currently we use the --disable-login --disable-nologin and > --disable-su configure flags when building util-linux in Debian > because these are provided by the "login" package. > > We also use --disable-chfn-chsh as that's provided by the "passwd" > package. > > Both "login" and "passwd" are built from src:shadow. > > > > > It seems that all other distribution are using the implementations from > > util-linux. > > Yes. > > > > > Shouldn't debian do the same and shouldn't we build the "login" from > > util-linux? > > It's not only these tools, but the entile login and authentication stack > seems to have a different origin in Debian compared to other > distributions. I'm sure you for example know better than me about the > history about our PAM deviations from other distributions. > I think this issue should be viewed in a broader perspective. > > > > > This should of course be coordinated with the maintainer of the shadow > > package. > > Feedback from the shadow maintainer(s) would be very welcome/useful > on this bug report.
I have just stepped up as a new shadow maintainer and I would support the switch to the more widely used variants. > > I think we should not only focus about a few tools that overlap between > shadow and util-linux, but view this from a bigger perspective. Someone > needs to draw the bigger picture, come up with a plan for how we'd like > the future map to look like (and why we should do all this work). Maybe discussing the bigger picture on pkg-auth-maintain...@lists.alioth.debian.org would help the planning. > > Also someone needs to make sure the different implementation of the > tools are actually 100% compatible or what migrations we need to handle > on package upgrades. > > Please note that while "login" is Essential: yes, the "passwd" package > is not. Things to keep in mind when expanding util-linux is that > all tools then become Essential: yes which I think is unfortunate as > we should strive to keep the essential set as small as possible. Rebootstrapping [1] already covers util-linux thus I think building login from util-linux would not cause big problems. Cheers, Balint [1] https://anonscm.debian.org/cgit/users/helmutg/rebootstrap.git/
