[Pkg-shadow-commits] r1179 - trunk/debian
Christian Perrier
bubulle at alioth.debian.org
Sun Apr 15 15:52:42 UTC 2007
Author: bubulle
Date: 2007-04-15 15:52:41 +0000 (Sun, 15 Apr 2007)
New Revision: 1179
Removed:
trunk/debian/passwd.config
trunk/debian/passwd.templates
trunk/debian/po/
Modified:
trunk/debian/changelog
trunk/debian/control
Log:
Remove all debconf stuff. This is no longer used by D-I and there is no
point in keeping it and bothering translators with it
Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog 2007-04-15 14:57:02 UTC (rev 1178)
+++ trunk/debian/changelog 2007-04-15 15:52:41 UTC (rev 1179)
@@ -11,6 +11,8 @@
to sarge:
- passwd: shadow-passwd, pam-apps, suidregister (<< 0.50), debconf (<< 0.5)
- login: shadow-login, pam-apps, secure-su, suidregister (<< 0.50)
+ - Remove all debconf configuration. This is now done in D-I and is
+ no longer useful on regular systems. Closes: #386529
- Remove Replaces for packages that are only in Debian releases prior
- passwd: manpages (<=1.15-2), manpages-pl (<= 20020406-1)
- login: shadow-login, shadow-passwd, shellutils (<< 2.0-2), manpages-pl (<= 20020406-1)
Modified: trunk/debian/control
===================================================================
--- trunk/debian/control 2007-04-15 14:57:02 UTC (rev 1178)
+++ trunk/debian/control 2007-04-15 15:52:41 UTC (rev 1179)
@@ -4,7 +4,7 @@
Maintainer: Shadow package maintainers <pkg-shadow-devel at lists.alioth.debian.org>
Standards-Version: 3.7.2.0
Uploaders: Christian Perrier <bubulle at debian.org>, Martin Quinson <mquinson at debian.org>, Nicolas FRANCOIS (Nekral) <nicolas.francois at centraliens.net>
-Build-Depends: autoconf, automake1.9, libtool, gettext, libpam0g-dev, debhelper (>= 4.1.16), po-debconf, quilt, dpkg-dev (>= 1.13.5), xsltproc, docbook-xsl, docbook-xml, libxml2-utils, cdbs, libselinux1-dev [!hurd-i386 !kfreebsd-i386 !kfreebsd-amd64], gnome-doc-utils (>= 0.4.3-1)
+Build-Depends: autoconf, automake1.9, libtool, gettext, libpam0g-dev, debhelper, quilt, dpkg-dev (>= 1.13.5), xsltproc, docbook-xsl, docbook-xml, libxml2-utils, cdbs, libselinux1-dev [!hurd-i386 !kfreebsd-i386 !kfreebsd-amd64], gnome-doc-utils (>= 0.4.3-1)
XS-X-Vcs-Svn: svn://svn.debian.org/svn/pkg-shadow/trunk
Package: passwd
Deleted: trunk/debian/passwd.config
===================================================================
--- trunk/debian/passwd.config 2007-04-15 14:57:02 UTC (rev 1178)
+++ trunk/debian/passwd.config 2007-04-15 15:52:41 UTC (rev 1179)
@@ -1,350 +0,0 @@
-#!/bin/sh -e
-
-test -f /usr/share/debconf/confmodule || exit 0
-
-# Check to see if the package is being reconfigured.
-# I don't want to bother on an initial install or on upgrade, because
-# some of the password stuff below could mess with a perfectly working
-# system when passwd was just harmlessly upgraded (that has happened
-# in the past).
-if [ "$1" != reconfigure ]; then
- exit 0
-fi
-
-# don't make assumptions about the umask
-umask 022
-
-. /usr/share/debconf/confmodule
-db_capb "backup"
-db_settitle passwd/title
-
-# Returns a true value if there seems to be a system user account.
-is_system_user () {
- # Assume NIS, or any uid from 1000 to 29999, means there is a user.
- if grep -q '^+:' /etc/passwd || \
- grep -q '^[^:]*:[^:]*:[1-9][0-9][0-9][0-9]:' /etc/passwd || \
- grep -q '^[^:]*:[^:]*:[12][0-9][0-9][0-9][0-9]:' /etc/passwd; then
- return 0
- else
- return 1
- fi
-}
-
-# Returns a true value if root already has a password.
-root_password () {
- # Assume there is a root password if NIS is being used.
- if grep -q '^+:' /etc/passwd; then
- return 0
- fi
-
- if [ -e /etc/shadow ] ; then
- RSP="`grep ^root: /etc/shadow | cut -d : -f 2`"
- [ -n "$RSP" ] && [ "x$RSP" != 'x*' ] && return 0
- fi
-
- RPW="`grep ^root: /etc/passwd | cut -d : -f 2`"
- [ -n "$RPW" ] && [ "x$RPW" != 'xx' ] && return 0
-
- return 1
-}
-
-# Set a password, via chpasswd.
-# Use perl rather than echo, to avoid the password
-# showing in the process table. (However, this is normally
-# only called when first booting the system, when root has no
-# password at all, so that should be an unnecessary precaution).
-#
-# Pass in three arguments: the user, the password, and 'true' if the
-# password has been pre-crypted (by preseeding).
-setpassword () {
- SETPASSWD_PW="$2"
- export SETPASSWD_PW
-
- # This is very annoying. chpasswd cannot handle generating md5
- # passwords as it is not PAM-aware. Thus, I have to work around
- # that by crypting the password myself if md5 is used.
- USE_MD5=1
- export USE_MD5
-
- if [ "$3" = true ]; then
- PRECRYPTED=1
- else
- PRECRYPTED=''
- fi
- export PRECRYPTED
- perl -e '
- sub CreateCryptSalt {
- my $md5 = shift;
-
- my @valid = split(//, "./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ");
- my ($in, $out);
-
- my $cryptsaltlen = ($md5 ? 8 : 2);
-
- open (F, "</dev/urandom") || die "No /dev/urandom found!";
- foreach (1..$cryptsaltlen) {
- read(F, $in, 1);
- $out .= $valid[ord($in) % ($#valid + 1)];
- }
- close F;
- return ($md5 ? "\$1\$$out\$" : $out);
- }
-
- open(P,"| chpasswd -e");
- if ($ENV{PRECRYPTED}) {
- print P shift().":$ENV{SETPASSWD_PW}\n";
- } else {
- print P shift().":".
- crypt($ENV{SETPASSWD_PW}, CreateCryptSalt($ENV{USE_MD5})).
- "\n";
- }
- close P;
- ' "$1"
- SETPASSWD_PW=''
- USE_MD5=''
- PRECRYPTED=''
-}
-
-# Main loop starts here. Use a state machine to allow jumping back to
-# previous questions.
-STATE=0
-while [ "$STATE" != '10' ] && [ "$STATE" != '-1' ]; do
- case "$STATE" in
- 0)
- # Ask how the password files should be set up.
- db_input low passwd/shadow || true
- ;;
- 1)
- # md5 passwords are now on by default. This step is dead.
- :
- ;;
- 2)
- # Enable shadowed passwords...or not
- db_get passwd/shadow
- if [ "$RET" = true ]; then
- shadowconfig on
- else
- shadowconfig off
- fi
- ;;
- 3)
- # Prompt for a root password if there is none.
- if ! root_password; then
- # First check whether the root password was preseeded crypted
- db_get passwd/root-password-crypted || true
- if ! test "$RET" ; then
- # No preseed of the root password hash
- # we will prompt the user
- db_input critical passwd/root-password || true
- # Note that this runs at a slightly lower
- # priority, so it may not always be seen. If
- # it isn't, don't compare passwords.
- COMPARE_PW=''
- db_input critical passwd/root-password-again \
- && COMPARE_PW=1 || true
- fi
- fi
- ;;
- 4)
- # Verify and set a root password.
- if ! root_password; then
- # First check whether the root password was preseeded crypted
- db_get passwd/root-password-crypted || true
- if ! test "$RET" ; then
- # Compare the two passwords, loop back if not
- # identical, or if empty.
- db_get passwd/root-password
- ROOT_PW="$RET"
- if [ -z "$ROOT_PW" ]; then
- db_fset passwd/password-empty seen false
- db_input critical passwd/password-empty
- db_fset passwd/root-password seen false
- db_fset passwd/root-password-again seen false
- STATE=2
- continue
- fi
- db_get passwd/root-password-again
- if [ "$COMPARE_PW" ] && [ "$ROOT_PW" != "$RET" ]; then
- db_fset passwd/password-mismatch seen false
- db_input critical passwd/password-mismatch
- db_fset passwd/root-password seen false
- db_fset passwd/root-password-again seen false
- STATE=2
- continue
- fi
-
- # Clear root password from the db, and set the
- # password.
- db_set passwd/root-password ""
- db_set passwd/root-password-again ""
- setpassword root "$ROOT_PW" false
- ROOT_PW=''
- else
- ROOT_PW="$RET"
- # The root password was preseeded encrypted
- # Clear it from the db, then set it
- db_set passwd/root-password-crypted ""
- setpassword root "$ROOT_PW" true
- ROOT_PW=''
- fi
- # Loop back to state #2 to make sure that there
- # is a root password, and if not, prompt again.
- STATE=2
- continue
- fi
- ;;
- 5)
- # Ask if a non-root user should be made, if there is not
- # already one.
- if ! is_system_user; then
- db_input medium passwd/make-user || true
- fi
- ;;
- 6)
- # Prompt for user info.
- db_get passwd/make-user
- if [ "$RET" = true ] && ! is_system_user; then
- db_input critical passwd/user-fullname || true
- fi
- ;;
- 7)
- # Prompt for user info.
- db_get passwd/make-user
- if [ "$RET" = true ] && ! is_system_user; then
- LOOP=""
- db_get passwd/username
- if [ -z "$RET" ]; then
- db_get passwd/user-fullname
- # Login defaults to user's first name
- # Some hat off to a few d-i people
- case "$RET" in
- "Martin Michlmayr")
- userdefault="tbm"
- ;;
- *)
- userdefault=`echo $RET | sed 's/ .*//' | LC_ALL=C tr A-Z a-z`
- ;;
- esac
- if test -n "$userdefault" && \
- LC_ALL=C expr "$userdefault" : '[a-z][-a-z0-9]*$' >/dev/null; then
- db_set passwd/username "$userdefault"
- fi
- fi
- db_input critical passwd/username || true
- fi
- ;;
- 8)
- # Verify and make user.
- db_get passwd/make-user
- if [ "$RET" = true ] && ! is_system_user; then
- # Verify the user name, loop with message if bad.
- db_get passwd/username
- USER="$RET"
- if ! LC_ALL=C expr "$USER" : '[a-z][-a-z0-9]*$' >/dev/null; then
- db_fset passwd/username seen false
- db_fset passwd/username-bad seen false
- db_input critical passwd/username-bad
- STATE=5
- continue
- fi
-
- db_get passwd/user-password-crypted || true
- if ! test "$RET" ; then
- db_input critical passwd/user-password || true
- COMPARE_PW=''
- db_input critical passwd/user-password-again \
- && COMPARE_PW=1 || true
- fi
- fi
- ;;
- 9)
- db_get passwd/make-user
- if [ "$RET" = true ] && ! is_system_user; then
- db_get passwd/user-password-crypted || true
- if ! test "$RET" ; then
- # Compare the two passwords, loop with message if not
- # identical, or if empty.
- db_get passwd/user-password
- USER_PW="$RET"
- db_get passwd/user-password-again
- if [ "$COMPARE_PW" ] && [ "$USER_PW" != "$RET" ]; then
- db_set passwd/user-password ""
- db_set passwd/user-password-again ""
- db_fset passwd/password-mismatch seen false
- db_input critical passwd/password-mismatch
- db_fset passwd/user-password seen false
- db_fset passwd/user-password-again seen false
- STATE=8
- continue
- fi
- if [ -z "$USER_PW" ]; then
- db_set passwd/user-password ""
- db_set passwd/user-password-again ""
- db_fset passwd/password-empty seen false
- db_input critical passwd/password-empty
- db_fset passwd/user-password seen false
- db_fset passwd/user-password-again seen false
- STATE=8
- continue
- fi
- else
- USER_PW=$RET
- fi
-
- if db_get passwd/user-uid && [ "$RET" ]; then
- if test -x /usr/sbin/adduser; then
- UIDOPT="--uid $RET"
- else
- UIDOPT="-u $RET"
- fi
- else
- UIDOPT=
- fi
-
- # Add the user to the database, using adduser in
- # noninteractive mode.
- db_get passwd/user-fullname
-
- if test -x /usr/sbin/adduser; then
- adduser --disabled-password --gecos "$RET" $UIDOPT "$USER" >/dev/null || true
- else
- useradd -c "$RET" -m "$USER" $UIDOPT >/dev/null || true
- fi
-
- db_get passwd/user-password-crypted || true
- if ! test "$RET" ; then
- # Clear password from the db, and set the password.
- db_set passwd/user-password ""
- db_set passwd/user-password-again ""
- db_get passwd/username
- setpassword "$USER" "$USER_PW" false
- USER_PW=''
- else
- USER_PW="$RET"
- # The user password was preseeded encrypted
- # Clear it from the db, then set it
- db_set passwd/root-password-crypted ""
- setpassword "$USER" "$USER_PW" true
- USER_PW=''
- fi
-
- # Loop back through to make sure the user was
- # added.
- STATE=5
- continue
- fi
- ;;
- esac
-
- if db_go; then
- STATE=$(($STATE + 1))
- else
- STATE=$(($STATE - 1))
- fi
-# echo "ON STATE: $STATE"
-done
-
-if test "$STATE" = -1
-then
- exit 30
-fi
Deleted: trunk/debian/passwd.templates
===================================================================
--- trunk/debian/passwd.templates 2007-04-15 14:57:02 UTC (rev 1178)
+++ trunk/debian/passwd.templates 2007-04-15 15:52:41 UTC (rev 1179)
@@ -1,111 +0,0 @@
-# This template is for D-I purposes and should allow
-# preseeding the root password with a crypted password rather than cleartext
-Template: passwd/root-password-crypted
-Type: password
-Description: for internal use
-
-# This template is for D-I purposes and should allow
-# preseeding the user password with a crypted password rather than cleartext
-Template: passwd/user-password-crypted
-Type: password
-Description: for internal use
-
-# This template is for D-I purposes and should allow
-# preseeding the UID of the first created user
-Template: passwd/user-uid
-Type: string
-Description: for internal use
-
-Template: passwd/root-password
-Type: password
-_Description: Root password:
- You need to set a password for 'root', the system administrative
- account. A malicious or unqualified user with root access can have
- disastrous results, so you should take care to choose a root password
- that is not easy to guess. It should not be a word found in dictionaries,
- or a word that could be easily associated with you.
- .
- A good password will contain a mixture of letters, numbers and punctuation
- and should be changed at regular intervals.
- .
- Note that you will not be able to see the password as you type it.
-
-Template: passwd/root-password-again
-Type: password
-_Description: Re-enter password to verify:
- Please enter the same root password again to verify that you have typed it
- correctly.
-
-Template: passwd/make-user
-Type: boolean
-Default: true
-_Description: Create a normal user account now?
- It's a bad idea to use the root account for normal day-to-day activities,
- such as the reading of electronic mail, because even a small mistake can
- result in disaster. You should create a normal user account to use for
- those day-to-day tasks.
- .
- Note that you may create it later (as well as any additional account) by
- typing 'adduser <username>' as root, where <username> is an user name,
- like 'imurdock' or 'rms'.
-
-Template: passwd/user-fullname
-Type: string
-_Description: Full name for the new user:
- A user account will be created for you to use instead of the root
- account for non-administrative activities.
- .
- Please enter the real name of this user. This information will be used
- for instance as default origin for emails sent by this user as well as
- any program which displays or uses the user's real name. Your full
- name is a reasonable choice.
-
-Template: passwd/username
-Type: string
-_Description: Username for your account:
- Select a username for the new account. Your first name is a reasonable choice.
- The username should start with a lower-case letter, which can be
- followed by any combination of numbers and more lower-case letters.
-
-Template: passwd/username-bad
-Type: note
-_Description: Invalid username
- The user name you entered is invalid. Note that usernames must start with
- a lower-case letter, which can be followed by any combination of numbers
- and more lower-case letters.
-
-Template: passwd/user-password
-Type: password
-_Description: Password for the new user:
- A good password will contain a mixture of letters, numbers and punctuation
- and should be changed at regular intervals.
-
-Template: passwd/user-password-again
-Type: password
-_Description: Re-enter password to verify:
- Please enter the same user password again to verify you have typed it
- correctly.
-
-Template: passwd/password-mismatch
-Type: note
-_Description: Password input error
- The two passwords you entered were not the same. Please try again.
-
-Template: passwd/password-empty
-Type: note
-_Description: Empty password
- You entered an empty password, which is not allowed.
- Please choose a non-empty password.
-
-Template: passwd/shadow
-Type: boolean
-Default: true
-_Description: Enable shadow passwords?
- Shadow passwords make your system more secure because nobody is able to
- view even encrypted passwords. The passwords are stored in a separate file
- that can only be read by special programs. The use of shadow passwords
- is strongly recommended, except in a few cases such as NIS environments.
-
-Template: passwd/title
-Type: title
-_Description: Set up users and passwords
More information about the Pkg-shadow-commits
mailing list