MD5 Support
senaque at thepla.net
senaque at thepla.net
Fri Feb 7 00:16:09 CET 2003
On 6 Feb 2003 at 12:37, Recycle Computer shaped the electrons to say...
>
> Change the pam configuration files to allow md5?
>
> --mark--
>
Hello fellow faiers,
Firstly, many thanks for all the help and suggestions you have given on this topic.
Mark, this is how I have been doing it all along and from what I've heard, what everyone else has
been doing for the sake of 'getting things going' aswell, but as Andrew has mentioned in earlier
posts, it really is a cludge as the passwd program will remain to be unconfigurable nor registered
with debconf.
I am unsure of the long-term gravity of doing so, and have therefore not posted a "SUMMARY" to
the list yet to close the topic officially and this is because I still have hopes of finding out how to
achieve this :-) MD5 and shadow as far as I am concerned are fundamental and basic necessity
of any system that wishes to be even marginally secured and should not only be fixed but a
default ;-) Now, I've continued doing some research on the matter and I have found out a few
concrete things. In Chapter 5 of the Debian Policy Manual (http://www.debian.org/doc/debian-
policy/ch-miscellaneous.html) it specifically states:
"Since an interactive debian/rules script makes it impossible to auto-compile that package and
also makes it hard for other people to reproduce the same binary package, all required targets
MUST be non-interactive."
Am I to understand the passwd program _should_ actually be able to install non-interactively if it is
to comply with the Debian policy? Furthermore, I am using 'woody' here not a testing nor unstable
release and this is what worries me even more, it may 'never get fixed'. In response to Sebastien's
e-mail a few days ago, I have the following package versions in woody(stable):
dpkg/woody uptodate 1.9.21
debconf/woody uptodate 1.0.32
passwd/woody uptodate 20000902-12
base-passwd/woody uptodate 3.4.1
One interesting thing to note is that we both have the same passwd version (although I don't know
his base-passwd and whether this should interfere with it or not). This leads me to believe it may
not be a problem with the passwd package itself, but something else, however it is made more
confusing since many of the other packages I install which make use of debconf (like apache,
etc), install non-interactively perfectly. In the meantime, I have been trying to work out the problem
myself by ripping everything apart and recompiling the passwd program (which is really a shadow
suite with 12 or so patches + the login program), and doing things like setting the "-x" parameter
for bash in the passwd.config script in the hopes of seeing anything that may possibly be causing
this, etc.
I would like to know if anyone on this list has experience with submitting bugs to b.d.o and/or can
say for certain what is causing this so that I may submit a bug report. The only thing stopping me
from doing so already is that the _same_ passwd program is used in both a working and non-
working system as mentioned previously. Also worth mentioning is that if passwd is installed
_interactively_ through dialog (even on the FAI freshly installed or chrooted system $ROOTCMD
dpkg-reconfigure -fdialog passwd), it works _perfectly_.
Strange indeed.
Ideas? Thoughts? Comments?
PS- Sorry for the inordinately long post :-)
Regards,
Senaque
---
E-MAIL: senaque at thepla.net
IRC: #FAI @ irc.freenode.net
WWW: http://www.sf.net/users/senaque/
More information about the linux-fai
mailing list