On Mon, 28 Nov 2022 15:50:56 +, Benjamin Drung wrote:
>On Tue, 2022-07-19 at 08:49 +0200, Marc Haber wrote:
>> We implemented that change last week, and promptly a bug report
>> (#1014901) appeared, giving what we consider good arguments to change
>> this back to 0700. Here is what the adduser
On Mon, 2022-11-28 at 15:50 +, Benjamin Drung wrote:
> Ubuntu changed the default DIR_MODE to 0750 in January 2021 [1] with the
> same intention as Debian now. I like to see Debian and Ubuntu agree on
> one default DIR_MODE to keep the package difference small and make
> documentation shareab
Hi,
sorry for being so late in the discussion.
On Tue, 2022-07-19 at 08:49 +0200, Marc Haber wrote:
> We implemented that change last week, and promptly a bug report
> (#1014901) appeared, giving what we consider good arguments to change
> this back to 0700. Here is what the adduser team consider
Hi,
this is the summary follow-up to the adduser discussion we had in the
last eight days, and I hope that I was successful in working all of your
suggestions in the new text.
Original Message Text:
> (1)
> #202943, #202944, #398793, #442627, #782001
> The bug reporters are requesting the default
On Sun, 13 Mar 2022 20:52:47 -0600, Sam Hartman wrote:
>Let me try asking something more reasonable.
>If you end up tightening down world readableness, let me know so I can
>reject the umask patch, because I suspect if your decision to tighten
>down being world readable sticks, the 15-year-old use
> "Marc" == Marc Haber writes:
>> But I'd ask you to look into the history of usergroups in Debian
>> as part of your decision process.
Marc> Where would I read up on that? I am not deeply enough in those
Marc> political things to be able to judge whether a discussion from
On Sun, Mar 13, 2022 at 11:09:24AM +0100, Marc Haber wrote:
On Sat, 12 Mar 2022 14:41:35 -0500, Michael Stone wrote:
And remember, there are existing real-world debian systems that have
users with dots (regardless of local adduser policy; think ldap/ad for
example) so these are already issues t
On Sat, 2022-03-12 at 14:41 -0500, Michael Stone wrote:
> It also has to be a variable; if it's "root.root" or such, it doesn't
> matter.
But that could be confused with a user named "root.root" instead of
user "root" + group "root" as intended. So this would need to be
changed to use root:root as
On Sat, 12 Mar 2022 14:41:35 -0500, Michael Stone wrote:
>On Fri, Mar 11, 2022 at 10:16:24PM +0100, Marc Haber wrote:
>>[^[:alpha:]]chown[[:space:]][^[:space:]]+\.[^[:space:]] is found 829
>>times in Debian, mostly in docs and comments, but also in a few live
>>scripts. I think that we still have
On Fri, Mar 11, 2022 at 10:16:24PM +0100, Marc Haber wrote:
[^[:alpha:]]chown[[:space:]][^[:space:]]+\.[^[:space:]] is found 829
times in Debian, mostly in docs and comments, but also in a few live
scripts. I think that we still have some way to go until we get rid of
the dot notation in chown ca
Hi,
On Fri, Mar 11, 2022 at 1:16 PM Marc Haber wrote:
>
> wishlist bug for a lintian check.
Implemented in Lintian, and pending for the next release:
https://salsa.debian.org/lintian/lintian/-/commit/66ea726de5f34cf693b7d01a297f495abf650588
Thank you, everyone, for your comments!
Kind re
On Thu, 10 Mar 2022 17:38:20 -0800, Noah Meyerhans wrote:
>+1 to --disabled-login setting the shell to /usr/sbin/nologin with
>documentation being updated to reflect this. I'd suggest a default
>behavior of a password of '*', with the ability to override it and
>prompt for a real password with a
On Fri, 11 Mar 2022 10:45:50 -0500, Michael Stone wrote:
>I don't have a really strong preference either way. Maybe carry a patch
>until just before freeze to bubble stuff up during testing? Maybe allow
>an environment variable to override (either way?) to facilitate testing?
>The problem is th
On 11.03.22 at 15:37, Simon McVittie wrote:
and the equivalent if we were relying on sysusers would be this:
install flatpak
/usr/lib/sysusers.d/flatpak.conf is created
postinst or trigger invokes systemd-sysusers
An important distinction is that this postinst can be g
On Thu, Mar 10, 2022 at 09:33:00PM +0100, Marc Haber wrote:
On Wed, 9 Mar 2022 17:29:01 -0500, Michael Stone wrote:
On Tue, Mar 08, 2022 at 12:29:43PM -0700, Sam Hartman wrote:
I don't think it makes sense to move toward 0700 home directories and to
loosen the umask for usergroups.
Those are
On Mar 11, Simon Richter wrote:
> We currently don't have a good mechanism for leaving configuration behind on
> purge, which we've historically done with user accounts to avoid reuse of
> UIDs that may own resources, so we'd still have to create the declarations
> from a postinst.
While this is
On Fri, 11 Mar 2022 at 12:08:27 +0100, Simon Richter wrote:
> On 3/10/22 8:59 PM, Michael Biebl wrote:
> > have you considered a more declarative approach as provided by
> > systemd-sysusers (8)?
>
> We currently don't have a good mechanism for leaving configuration behind on
> purge, which we've
Hi,
On 3/10/22 8:59 PM, Michael Biebl wrote:
have you considered a more declarative approach as provided by
systemd-sysusers (8)?
We currently don't have a good mechanism for leaving configuration
behind on purge, which we've historically done with user accounts to
avoid reuse of UIDs that
On Thu, 10 Mar 2022 20:59:50 +0100, Michael Biebl wrote:
>have you considered a more declarative approach as provided by
>systemd-sysusers (8)?
No. This thread is about evolving adduser. Not getting rid of it.
514 packages in Debian match "adduser.*--system".
Feel free to offer a declarative th
On Thu, 10 Mar 2022 13:17:26 -0800, Steve Langasek wrote:
>On Thu, Mar 10, 2022 at 06:37:58AM +0100, Marc Haber wrote:
>> On Thu, 10 Mar 2022 00:04:38 +0100, Ansgar wrote:
>> >On Wed, 2022-03-09 at 17:29 -0500, Michael Stone wrote:
>> >> Those are actually unrelated--the big reason for the more p
On Thu, Mar 10, 2022 at 09:35:27PM +0100, Marc Haber wrote:
> On Wed, 09 Mar 2022 21:34:33 +0100, Pierre-Elliott Bécue wrote:
> >Considering many have replied, I'll stick to that one:
> >Marc Haber wrote on 08/03/2022 at
> >17:49:04+0100:
> >> (3)
> >> #625758
> >> --disabled-password just doe
On Thu, Mar 10, 2022 at 09:37:49PM +0100, Marc Haber wrote:
> >- leading digits sometimes cause programs to parse a 'username' as a
> > 'user id' instead; you can see some of this here:
> > https://github.com/systemd/systemd/issues/6237
> > I know I've seen more instances of this over the year
Marc Haber wrote on 10/03/2022 at 21:35:27+0100:
> On Wed, 09 Mar 2022 21:34:33 +0100, Pierre-Elliott Bécue wrote:
>>Considering many have replied, I'll stick to that one:
>>Marc Haber wrote on 08/03/2022 at
>>17:49:04+0100:
>>> (3)
>>> #625758
>>> --disabled-password just does not set a pa
On Thu, 10 Mar 2022 at 20:24, Michael Biebl wrote:
>
> Hi Marc,
>
> have you considered a more declarative approach as provided by
> systemd-sysusers (8)?
>
> I'm a fan of less manual maintainer scripts code and maybe
> systemd-sysusers is an answer to that, especially given that we split
> out th
On Thu, Mar 10, 2022 at 06:37:58AM +0100, Marc Haber wrote:
> On Thu, 10 Mar 2022 00:04:38 +0100, Ansgar wrote:
> >On Wed, 2022-03-09 at 17:29 -0500, Michael Stone wrote:
> >> Those are actually unrelated--the big reason for the more permissive
> >> umask is to allow people to seamlessly work wit
On Thu, 10 Mar 2022 00:01:36 +, Seth Arnold wrote:
>On Tue, Mar 08, 2022 at 05:49:04PM +0100, Marc Haber wrote:
>> (2)
>> #774046 #520037
>> Which special characters should we allow for account names?
>
>Please consider the leading character separately from the rest of the
>characters:
>
>- le
On Wed, 09 Mar 2022 21:34:33 +0100, Pierre-Elliott Bécue wrote:
>Considering many have replied, I'll stick to that one:
>Marc Haber wrote on 08/03/2022 at 17:49:04+0100:
>> (3)
>> #625758
>> --disabled-password just does not set a password for the newly created
>> account (resulting in '*' in sha
On Wed, 9 Mar 2022 17:29:01 -0500, Michael Stone wrote:
>On Tue, Mar 08, 2022 at 12:29:43PM -0700, Sam Hartman wrote:
>>I don't think it makes sense to move toward 0700 home directories and to
>>loosen the umask for usergroups.
>
>Those are actually unrelated--the big reason for the more permissiv
Hi Marc,
have you considered a more declarative approach as provided by
systemd-sysusers (8)?
I'm a fan of less manual maintainer scripts code and maybe
systemd-sysusers is an answer to that, especially given that we split
out the systemd-sysusers binary into a standalone binary which should
On Thu, Mar 10, 2022 at 06:28:57PM +0100, Vincent Bernat wrote:
❦ 10 March 2022 11:34 -05, Michael Stone:
It was always configurable, but was enabled out of the box in hamm...
My system was installed on Potato if I remember correctly (or maybe
Woody, but definitely not older than Potato). But
On 3/9/22 23:47, Marc Haber wrote:
On Wed, 9 Mar 2022 14:35:52 -0600, Richard Laager wrote:
If the admin can change the default DIR_MODE that applies to system user
home directories, then any postinst script doing `adduser --system`
needs to also explicitly chmod its home directory if it need
❦ 10 March 2022 11:34 -05, Michael Stone:
On systems that don't use usergroups for all/some users, doesn't this
change make all files writable by other users by default? That would
seem like a very insecure change on upgrades (or as a default).
>>>
>>> AFAIK systems that don't use
On Thu, Mar 10, 2022 at 05:06:32PM +0100, Vincent Bernat wrote:
❦ 10 March 2022 11:21 +01, Philip Hands:
On systems that don't use usergroups for all/some users, doesn't this
change make all files writable by other users by default? That would
seem like a very insecure change on upgrades (or a
❦ 10 March 2022 11:21 +01, Philip Hands:
>> On systems that don't use usergroups for all/some users, doesn't this
>> change make all files writable by other users by default? That would
>> seem like a very insecure change on upgrades (or as a default).
>
> AFAIK systems that don't use usergroups
On Thu, 10 Mar 2022 11:19:56 +0100, Harald Dunkel wrote:
>This is another trap: /etc/login.defs seems to define some ranges for
>"system" uids and gids. They are commented out by default, nevertheless
>they imply some configurability. Are changes in login.defs supposed to
>be respected by all pack
On 2022-03-09 21:00:20, Marc Haber wrote:
On Wed, 9 Mar 2022 14:10:04 +0100, Harald Dunkel
Related question: How are naming collisions between local entries and
the entries in a network directory service supposed to be handled?
Something like
passwd: files sss
in /etc/nsswitch.conf is
On Thu, 2022-03-10 at 11:21 +0100, Philip Hands wrote:
> However, I suspect that something is a bit broken about this anyway,
> since I just tested and get a umask of 0022 when logging in via ssh
> to a system with USERGROUPS_ENAB 'yes'.
I changed UMASK to 077 in /etc/login.defs and can confirm th
Ansgar writes:
> On Tue, 2022-03-08 at 12:29 -0700, Sam Hartman wrote:
>> > > > >
>> Take a look at https://salsa.debian.org/vorlon/pam/-/merge_requests/3
>>
>> According to the history of that patch, we have some old consensus to
>> move toward usergroups and a default umask of 0002 (except fo
On Thu, 10 Mar 2022 09:28:24 +, Simon McVittie wrote:
>On Thu, 10 Mar 2022 at 06:37:58 +0100, Marc Haber wrote:
>> Are we using ACLs [by] Default already in other places of the Debian
>> system?
>
>For user-facing purposes I don't think so (although they're available to
>anyone who wants to se
On Thu, 10 Mar 2022 at 06:37:58 +0100, Marc Haber wrote:
> Are we using ACLs [by] Default already in other places of the Debian
> system?
For user-facing purposes I don't think so (although they're available to
anyone who wants to set them), but they're how the udev/logind "uaccess"
mechanism (the
On Wed, 9 Mar 2022 14:35:52 -0600, Richard Laager wrote:
>If the admin can change the default DIR_MODE that applies to system user
>home directories, then any postinst script doing `adduser --system`
>needs to also explicitly chmod its home directory if it needs anything
>more permissive than 7
On Thu, 10 Mar 2022 00:04:38 +0100, Ansgar wrote:
>On Wed, 2022-03-09 at 17:29 -0500, Michael Stone wrote:
>> Those are actually unrelated--the big reason for the more permissive
>> umask is to allow people to seamlessly work with other people in a
>> group, especially within setgid shared direct
On Tue, Mar 08, 2022 at 05:49:04PM +0100, Marc Haber wrote:
> (2)
> #774046 #520037
> Which special characters should we allow for account names?
Please consider the leading character separately from the rest of the
characters:
- leading digits sometimes cause programs to parse a 'username' as a
On Thu, Mar 10, 2022 at 12:04:38AM +0100, Ansgar wrote:
On Wed, 2022-03-09 at 17:29 -0500, Michael Stone wrote:
Those are actually unrelated--the big reason for the more permissive
umask is to allow people to seamlessly work with other people in a
group, especially within setgid shared directori
On Wed, 2022-03-09 at 17:29 -0500, Michael Stone wrote:
> Those are actually unrelated--the big reason for the more permissive
> umask is to allow people to seamlessly work with other people in a
> group, especially within setgid shared directories. Those shared
> directories can be anywhere, and
On Tue, Mar 08, 2022 at 12:29:43PM -0700, Sam Hartman wrote:
I don't think it makes sense to move toward 0700 home directories and to
loosen the umask for usergroups.
Those are actually unrelated--the big reason for the more permissive
umask is to allow people to seamlessly work with other peo
Considering many have replied, I'll stick to that one:
Marc Haber wrote on 08/03/2022 at 17:49:04+0100:
> (3)
> #625758
> --disabled-password just does not set a password for the newly created
> account (resulting in '*' in shadow) while --disabled-login places a '!'
> in shadow. On modern syste
On 3/9/22 14:00, Marc Haber wrote:
On Tue, 8 Mar 2022 17:02:06 -0600, Richard Laager wrote:
On 3/8/22 10:49, Marc Haber wrote:
(1a) would it be necessary to handle --system accounts differently? I
think yes.
(1b) should we stay with 0755 for --system accounts?
I don't see why syst
On Wed, 9 Mar 2022 14:10:04 +0100, Harald Dunkel wrote:
>On 2022-03-08 17:49:04, Marc Haber wrote:
>> (1a) would it be necessary to handle --system accounts differently? I
>> think yes.
>
>I think it would be helpful to define "system account" and "normal user".
>Neither adduser(8) nor usera
On Tue, 8 Mar 2022 17:02:06 -0600, Richard Laager wrote:
>On 3/8/22 10:49, Marc Haber wrote:
>> (1)
>> #202943, #202944, #398793, #442627, #782001
>> The bug reporters are requesting the default for DIR_MODE to be changed
>> from 0755 to 0700, making home directories readable for the user only.
>>
On Tue, 8 Mar 2022 19:06:57 -0500, Timothy M Butterworth wrote:
>On Tue, Mar 8, 2022 at 6:18 PM Richard Laager wrote:
>Please add support for "." so we can use first.last names as user
>names. Other Linuxes are already doing this so it should not break
>anything.
Adduser can already be configure
On Wed, 9 Mar 2022 00:12:25 +0200, Adrian Bunk wrote:
>On Tue, Mar 08, 2022 at 05:49:04PM +0100, Marc Haber wrote:
>>...
>> (2)
>> #774046 #520037
>> Which special characters should we allow for account names?
>>
>> People demand being able to use a dot (which might break scripts using
>> chown)
On Tue, 08 Mar 2022 20:48:46 +0100, Ansgar wrote:
>On Tue, 2022-03-08 at 12:29 -0700, Sam Hartman wrote:
>> > > > >
>> Take a look at https://salsa.debian.org/vorlon/pam/-/merge_requests/3
>>
>> According to the history of that patch, we have some old consensus to
>> move toward usergroups and a
On Tue, 08 Mar 2022 12:29:43 -0700, Sam Hartman wrote:
>Take a look at https://salsa.debian.org/vorlon/pam/-/merge_requests/3
As far as I understand, that's a PR against pam setting umask to 002
on login, 022 for root. Especially the bug reports referenced there
bring me directly and deeply into
On Wed, 09 Mar 2022 at 14:10:04 +0100, Harald Dunkel wrote:
> I think it would be helpful to define "system account" and "normal user".
> Neither adduser(8) nor useradd(8) provide a sufficient definition,
> especially wrt the existing network directory services (LDAP, AD, etc).
> Is a "system user"
On 2022-03-08 17:49:04, Marc Haber wrote:
(1a) would it be necessary to handle --system accounts differently? I
think yes.
I think it would be helpful to define "system account" and "normal user".
Neither adduser(8) nor useradd(8) provide a sufficient definition,
especially wrt the exist
On Tue, Mar 8, 2022 at 6:18 PM Richard Laager wrote:
>
> On 3/8/22 10:49, Marc Haber wrote:
> > (1)
> > #202943, #202944, #398793, #442627, #782001
> > The bug reporters are requesting the default for DIR_MODE to be changed
> > from 0755 to 0700, making home directories readable for the user only.
On 3/8/22 10:49, Marc Haber wrote:
(1)
#202943, #202944, #398793, #442627, #782001
The bug reporters are requesting the default for DIR_MODE to be changed
from 0755 to 0700, making home directories readable for the user only.
Policy 10.9 states that directories should be 0755, but the policy
edit
On Tue, Mar 08, 2022 at 05:49:04PM +0100, Marc Haber wrote:
>...
> (2)
> #774046 #520037
> Which special characters should we allow for account names?
>
> People demand being able to use a dot (which might break scripts using
> chown) and non-ASCII national characters in account names. The regex
>
I support the 0700 on home directories.
On March 8, 2022, at 2:30 PM, Sam Hartman wrote:
> "Marc" == Marc Haber writes:
Marc> Hi, you might have noticed that the adduser package has gained
Marc> I have some issues that I would like to solicit the opinion of
Marc> my fellow DDs
On Tue, 2022-03-08 at 12:29 -0700, Sam Hartman wrote:
> > > > >
> Take a look at https://salsa.debian.org/vorlon/pam/-/merge_requests/3
>
> According to the history of that patch, we have some old consensus to
> move toward usergroups and a default umask of 0002 (except for root
> which gets 0022
> "Marc" == Marc Haber writes:
Marc> Hi, you might have noticed that the adduser package has gained
Marc> I have some issues that I would like to solicit the opinion of
Marc> my fellow DDs and to reach rough consensus about some changes
Marc> that have been requested from Addu