Hi, On Sat, Dec 18, 2021 at 07:02:56PM +0100, Dennis Filder wrote: > On Fri, Dec 17, 2021 at 11:28:35PM +0100, Marc Haber wrote: > > If you run the Debian installer with default settings, you get a system > > without root password. I guess the majority of desktop installations run > > that way. > > The majority of desktop installations never uninstall sudo, either.
Yes, that's right. You have a point here. > Anyway, performing sudo surgery without a root password set is asking > for trouble. Anyone with half a brain would set one temporarily. Or have a root shell open in another window. But, many users don't think and don't care about those things. They're unlikely to perform sudo surgery, but for example, a broken /etc/sudoers.d file can have fatal results as well. The more I think the more I am getting convinced that not setting a root password "for simplicity's sake" was a bad idea in Ubuntu and an even worse idea to adopt for Debian. > > As far as I know, you generally cannot control the environment in all > > autopkgtest instances. > > That's their problem, and it is also very easy to solve. A package > installs to /usr/share/autopkgtest/adjusts/<package>.env a list of > environment variable names (and maybe also the set of permitted > values), and then the autopkgtest author expresses an explicit > Depends: on the package and specifies the assignment of the > environment variable in Extra-Environment:. Then autopkgtest should > place that into the environment and it will work. I would much more prefer an "Environment" and or a "Conflicts" line in debian/tests/control to control the environment there. I am just wondering whether it's a good idea to have sudo detect running in a testbed and modifying its behavior. > Till they offer such a mechanism no one should spend time on working > around this. Too late ;-) > P.S.: I just saw your message about the LDAP-related autopkgtests for > sudo, and I'll look into that in the next days Feel free to open a bug about this or discuss on sudo@p.d.o or approach me in private. I'm open for discussion, but this should not be in this bug report. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
