26.11.2019, 11:39, "Zbigniew Jędrzejewski-Szmek" <zbyszek@xxxxxxxxx>: > On Mon, Nov 25, 2019 at 03:55:28PM -0800, Adam Williamson wrote: >> On Tue, 2019-11-26 at 00:34 +0100, Kevin Kofler wrote: >> > Samuel Sieb wrote: >> > > Steps 1 - 4 are not benefits, they are workarounds to critical system >> > > utilities required by this change. I don't understand why this change >> > > is necessary at all. It only affects local logins and if someone wants >> > > to have an empty password, why make it so difficult? It's their choice. >> > >> > +1, I do not see the point of patronizing our users that way (and it is only >> > an extra hoop to jump through because they can still readd the nullok), and >> > find it particularly pointless to make all those error-prone changes to core >> > system utilities just to make that work. >> > >> > > It's not like Fedora has any default logins with empty passwords, the >> > > user has to make their own. >> > >> > That part is actually not entirely true: the live images have no password >> > set on the liveuser and root accounts. Hence, this change will also break >> > the live images, unless we add yet another hack to the scriptlets in the >> > live kickstarts, one that readds the nullok option. IMHO, we already have >> > too many hacks in the kickstart scriptlets. >> >> I gotta say +1 too. I don't buy that there's a significant 'hardening' >> benefit worth all the effort mentioned in the Change *plus* the >> additional consequences Kevin and Martin pointed out. At minimum I'd >> like to see a much more convincing case that people are creating users >> without passwords without understanding what they're doing. > > +1 from me too. It is very convenient to be able to set an empty password > on certains VMs and containers and special-purpose machines. > > I would support this change if there were plausible scenarios where the > password is unset by mistake. But the only case cited so far is the puppet > mistake where the admins scripted 'passwd -d root' and then forgot about > this. This is not a fight we could ever win: if we remove 'nullok', > the admins would simply add another script line to add it back. Agreed. I too am against this change for the reasons other people have already stated. Pete _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
