Re: [Tails-dev] tails-greeter: admin password, set-user-pas…

Delete this message

Reply to this message
Author: bertagaz
Date:  
To: The Tails public development discussion list, govnototalitarizm
Subject: Re: [Tails-dev] tails-greeter: admin password, set-user-password-and-locale
On Thu, Aug 18, 2011 at 06:23:47PM +0700, † wrote:
> 16.08.2011 15:52, intrigeri пишет:
>
> > 4. /etc/sudoers.d/ directory seems not enabled yet, but I think it
> >    should be unconditionally enabled at image build time by a
> >    chroot_local-hooks, rather than at logon time.

>
> It seems to be enabled in squeeze by default: /etc/sudoers contain
> '#includedir /etc/sudoers.d' directive.


Note the '#' at the beginning of the line, which *disable* the inclusion.
So, this and looking at the packaging makes me say that this is disabled
by default in Squeeze.

> If it's not enabled in tails than there's some code (in *hooks maybe) which disable
> it. How can we find it?


git grep sudo; git grep sudoers doesn't print out something relevant.
Tails doesn't touch to this file.

> >    A quick'n'dirty way to hide the underlying problem, and have things
> >    working right now, is to reset the LIVE_USERNAME's password to the
> >    default one, in set-user-password-and-locale, in if [ -z
> >    "${TAILS_USER_PASSWORD}" ].

>
> If we change password in set-user-password-and-locale than we effectively ignore
> whatever user entered as password. Either I've misunderstood it or it's hardly a fix.


I think intrigeri suggests here to reset to the default password upon
second login if the user is leaving the password boxes empty in this
second login, but did set a password during the first login.

Trying to be a bit more clear:

First login: user sets a password
then she logout
second login: user leave the password empty
tailsgreeter set the password to the default one (and remove
administrative access).

Or am I misunderstanding something?

bert.