On Mon, Nov 25, 2019 at 03:55:28PM -0800, Adam Williamson wrote:
> On Tue, 2019-11-26 at 00:34 +0100, Kevin Kofler wrote:
> > Samuel Sieb wrote:
> > > Steps 1 - 4 are not benefits, they are workarounds to critical system
> > > utilities required by this change. I don't understand why this change
> > > is necessary at all. It only affects local logins and if someone wants
> > > to have an empty password, why make it so difficult? It's their choice.
> >
> > +1, I do not see the point of patronizing our users that way (and it is only
> > an extra hoop to jump through because they can still readd the nullok), and
> > find it particularly pointless to make all those error-prone changes to core
> > system utilities just to make that work.
> >
> > > It's not like Fedora has any default logins with empty passwords, the
> > > user has to make their own.
> >
> > That part is actually not entirely true: the live images have no password
> > set on the liveuser and root accounts. Hence, this change will also break
> > the live images, unless we add yet another hack to the scriptlets in the
> > live kickstarts, one that readds the nullok option. IMHO, we already have
> > too many hacks in the kickstart scriptlets.
>
> I gotta say +1 too. I don't buy that there's a significant 'hardening'
> benefit worth all the effort mentioned in the Change *plus* the
> additional consequences Kevin and Martin pointed out. At minimum I'd
> like to see a much more convincing case that people are creating users
> without passwords without understanding what they're doing.

+1 from me too. It is very convenient to be able to set an empty password
on certain VMs and containers and special-purpose machines.

I would support this change if there were plausible scenarios where
the password is unset by mistake. But the only case cited so far is the
puppet mistake where the admins scripted 'passwd -d root' and then
forgot about this.
This is not a fight we could ever win: if we remove 'nullok', the admins
would simply add another script line to add it back.

Zbyszek
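
Added example, not part of the original message: the thread turns on accounts left without a password (for instance by a scripted 'passwd -d root') and on whether pam_unix carries nullok, so this script reports both. The function names, file names and sample contents are constructed for illustration, and the PAM check looks only at auth lines of a single file.

```shell
#!/bin/sh
# Added example (not from the thread): report accounts with an empty password
# field and whether pam_unix would accept them. File contents are constructed.

# Names of accounts whose shadow(5) password field is empty, which is what
# 'passwd -d' leaves behind. '*' and '!' fields are locked, not empty.
empty_password_accounts() {
    awk -F: 'NF >= 2 && $2 == "" { print $1 }' "$1"
}

# Exit 0 if an active auth line for pam_unix.so carries the nullok option.
pam_allows_nullok() {
    awk '$1 ~ /^#/ { next }
         $1 == "auth" || $1 == "-auth" {
             unix = 0; nullok = 0
             for (i = 2; i <= NF; i++) {
                 if ($i ~ /pam_unix\.so$/) unix = 1
                 if ($i == "nullok") nullok = 1
             }
             if (unix && nullok) found = 1
         }
         END { exit !found }' "$1"
}

# One finding per empty-password account: $1 = shadow file, $2 = PAM file.
audit() {
    accounts=$(empty_password_accounts "$1")
    if pam_allows_nullok "$2"; then state="accepted by pam_unix (nullok)"
    else state="rejected by pam_unix (no nullok)"; fi
    for a in $accounts; do echo "$a: empty password, $state"; done
}

# Constructed sample files, written into directory $1.
write_samples() {
    cat > "$1/shadow" <<'EOF'
root::18225:0:99999:7:::
liveuser::18225:0:99999:7:::
alice:$6$constructed$notarealhash:18225:0:99999:7:::
daemon:*:18225:0:99999:7:::
EOF
    echo 'auth sufficient pam_unix.so nullok try_first_pass' > "$1/pam.nullok"
    echo 'auth sufficient pam_unix.so try_first_pass' > "$1/pam.hardened"
}

tmp=$(mktemp -d)
write_samples "$tmp"
audit "$tmp/shadow" "$tmp/pam.nullok"
audit "$tmp/shadow" "$tmp/pam.hardened"
rm -rf "$tmp"
```

On a real system the inputs would be /etc/shadow (readable by root only) and the PAM service files the login path actually includes.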