package: shadow Hi,
currently, when doing d-i installs with DEBCONF_PRIORITY, root and user passwords are only asked once (if not preseeded). IMO this is a grave bug, as this provides no way to detect typos, so users will choose simple passwords. (Or make typos...) And it's also different from all password prompting user interfaces I have seen. <h01ger> bubulle: are you still of the opinion that it's sane to only ask for the rootpw once if DEBCONF_PRIORITY=critical ? <bubulle> h01ger: yes, but, well, my opinion is maybe not what is to be implemented, after all.... I gave my arguments when this discussion occured a while ago, I have no new argument pro or against this. <h01ger> bubulle: i'm strictly against asking for passwords only once. How to detect typos that way ? There is no way so people will choose passwords like "mate" or "123" :-( If you ask for passwords, you have to confirm them. For critical installation mode, $disabled as a password would be much more handy :) <h01ger> bubulle: but we can discuss this nicely at debconf or maybe linuxtag/karlsruhe allready ? <bubulle> h01ger: Sure. I think that, indeed, this decision is among those which pertain to the whole d-i team. <bubulle> As shadow maintainer now (sigh), I will implement what is judged as most appropriate by the d-i team, as this feature is only used during installs <bubulle> [...] I *will* deal with that post-sarge...but, again, after taking opinions from either the d-i team, or the technical comitee, or by starting a flamew^W discussion in -devel <h01ger> bubulle: you might even argue that it's a debian decision. as "ergonomic user interfaces" are demanded by some laws (you are not allowed to use unergonomic software) and entering a password only once is against all users expectations. - even admins have a right for ergonomic software :-) but i absolutly agree with post-sarge and team-decision. <bubulle> h01ger: yep, the decision about prompting the root pw twice is a general design decision, so a "debian" decision (thus, technical comitee, again?) regards, Holger
pgpLnETbU2XeM.pgp
Description: PGP signature