Hello Serge E. Hallyn, Thanks for your input.
On Tue, Jan 17, 2017 at 01:59:49PM -0600, Serge E. Hallyn wrote: > Hi, > > so it looks like things which are duplicated include: > > chfn > chsh > (but not chpasswd?) > newgroup > su > vipw I've done a quick comparison of what the manpage says in shadow vs util-linux for these tools.... (Actual implementation might still differ.) I'm attaching a text file with my findings for all the above listed tools. > > Do these all work the same way? (looks like util-linux su has a lot more > options and implements the options shadow's does, good, but it does not honor > all the same login.defs variables?) No, util-linux su does not implement all login.defs variables that shadow su supports. Not sure how relevant the missing ones are. Input very welcome! Would it maybe be enough to list the unsupported ones in NEWS.Debian to alert dist-upgraders of the change? > Are the manpages sufficient in util-linux (I think so)? Yes, that is my impression. While the actual tools maybe should grow some (or all?) of the options missing from the shadow equivalent the manpages should then be extended at the same time ofcourse. > What about the internationalization? (Seems to > be there, at least) Should work. > > Would you consider implementing other things like usermod in > util-linux? I have no personal imminent plans. Please check with upstream. It's likely they'll say yes and possibly even have volunteers that does the work. Would be great if shadow (upstream) maintainers could reach out directly to util-linux upstream to discuss about a unified vision. ;) > > Ok, I see your (Andreas') tiered proposal. That sounds good to me, > but then again there is the equivalence question. More fine-grained equivalence studies likely needed. Personally I don't think we have to make it a show-stopper for everything to be equivalently supported. Some might have no users and may just be a waste to implement, where just a NEWS.Debian entry can suffice. (Others we might really want to implement, and some we likely should implement but might not be show-stoppers.) Input on the importance of each spotted difference welcome. > > Once some of these are out of the debian package, I'll have to check to > make sure no other distros need to switch (gentoo?). But happy to drop > anything that gets supplanted. > Regards, Andreas Henriksson
# chfn shadow util-linux ================================================================ -o office -o other --office office --other other -p office-phone -w work-phone --office-phone office-phone --work-phone work-phone -r room --room room -R chroot-dir --root chroot-dir (not listing the options only existing in util-linux) (Regarding login.defs both seems to support CHFN_RESTRICT (only).) # chsh shadow util-linux ================================================================ -h (== --help) -u (== --help) -R chroot-dir --root chroot-dir (not listing the options only existing in util-linux) The strict validation of only valid shells allowed for non-root seems to be a COMPILE-TIME "opt-in" feature in util-linux version: --enable-chsh-only-listed (Default in util-linux is to just warn when setting shell not listed in /etc/shells.) # chpasswd this utility part of shadow is not available in util-linux! # newgrp The optional command-line '-' in shadow not supported in util-linux version. The shadow man page is much longer and describes possible additional functionality in shadow version (this needs further investigation): * password prompting * gshadow The shadow version has (compile-time optional) support for login.defs variable SYSLOG_SG_ENAB but that's not available in (any) util-linux tool. # su The util-linux version supports all command-line options listed in shadow su manpage. Possible slight implementation details might differ for example in -p (needs investigation). The util-linux version does not support the following shadow su login.defs variables: CONSOLE_GROUPS DEFAULT_HOME SULOG_FILE SU_NAME SYSLOG_SU_ENAB # vipw The shadow version of vipw and vigr supports many command-line options, while the util-linux equivalents only supports: -h --help (-V --version) (The shadow version uses both VISUAL and EDITOR while u-l only looks at EDITOR.)
