[Pkg-shadow-devel] Bug#325910: Patch for the passwd.config RC bug

Thu Sep 1 05:51:38 UTC 2005

325910 was filed RC by Tollef on my request against passwd, to prevent
the 4.0.3-39 package to enter testing. This would completely break d-i
testing installs. Fortunately, for a reason I currently ignore,
4.0.3-39 did not enter testing yet.

Unfortunately for Ubuntu, they use unstable..:-)

Tollef's suggestion is right but it would have the bad consequence of
reverting to a behaviour we changed after a d-i install report by our
former DPL:

-if the password mismatch, the user is then prompted again for user
 information (user account) instead of just being re-prompted for
 passwords


The attached patch is, IMHO, better. It adds a state to the state
machine in passwd.config.

To test passwd.config some hacks are needed: this script is designed
to run only when the package is installed and not when it is
reconfigured.

Moreover, the user addition code only runs when no regular user
exists, which is nearly never true on live systems..:-)

So, to test it on a live unstable system:

-apply the patch to /var/lib/dpkg/info/passwd.config (should I tell
you to back it up?)
-comment lines 10 to 12 (if test)
-change "return 0" in the is_system_user function to "return 1"
-set debconf to medium priority
-run "dpkg-reconfigure passwd"

ALL these changes are very important is you want to avoid looping..:-)

Drawback: this will probably add at least one user on the test
system. Don't forget deleting it.

Drawback 2: making is_system_user always returning 1 will make the
code checking for an existing user be useless of course. So, after
creating a user...the system will loop and prompt you for another
one. Of course, you should then refuse this.

Again, PLEASE TEST. This part of code is used by Debian Installer and
is critical for it.

To D-I people: this bringed back to me the idea of a passwd udeb
including code to run the user setting stuff in stage 1. I guess that
Joey is thinking about it in order to get rid of base-config. As soon
as the shadow team has completed the "sync with usptream" work, we
should begin working on this. Help welcomed. I know this idea also
floats in Ubuntu.


-- 



-------------- next part --------------

--- passwd.config.save	2005-08-31 20:24:04.000000000 +0200
+++ passwd.config	2005-09-01 07:34:51.000000000 +0200
@@ -98,7 +98,7 @@
 # Main loop starts here. Use a state machine to allow jumping back to
 # previous questions.
 STATE=0
-while [ "$STATE" != '9' ] && [ "$STATE" != '-1' ]; do
+while [ "$STATE" != '10' ] && [ "$STATE" != '-1' ]; do
 	case "$STATE" in
 	0)
 		# Ask how the password files should be set up.
@@ -200,10 +200,6 @@
 				fi
 			fi
 			db_input critical passwd/username || true
-			db_input critical passwd/user-password || true
-			COMPARE_PW=''
-			db_input critical passwd/user-password-again \
-				&& COMPARE_PW=1 || true
 		fi
 	;;
 	8)
@@ -221,6 +217,15 @@
 				continue
 			fi
 			
+			db_input critical passwd/user-password || true
+			COMPARE_PW=''
+			db_input critical passwd/user-password-again \
+				&& COMPARE_PW=1 || true
+		fi
+	;;
+	9)
+		db_get passwd/make-user
+		if [ "$RET" = true ] && ! is_system_user; then
 			# Compare the two passwords, loop with message if not
 			# identical, or if empty.
 			db_get passwd/user-password
