intrigeri:
> sajolida wrote (20 Mar 2012 17:40:59 GMT) :
>> Cool. Could something like this do the trick? There's one patch for
>> Tails greeter and another for the feature/tails-greeter branch.
>> I didn't test it though, and wanted your opinion first.
>
>> # Check if password is actually set
>> if [ -z "${TAILS_USER_PASSWORD}" ] ; then
>> - rm -f "${POLKIT}" "${SUDOERS}"
>> + rm -f "${POLKIT}" "${SUDOERS}" "${CUSTOM_LECTURE}"
>> +
>> deluser "${LIVE_USERNAME}" sudo
>> log_n_exit "Password variable not found."
>> fi
>
> It seems to me the logics is backwards here:
> the custom lecture should be displayed iff. no password is set,
> rather than hidden iff. no password is set,
> isn't it?
Sure ;)
Here is another one, and this time I've tested it Tails greeter 0.6.
I have a doubt though: I removed the log_n_exit on line 96 because I
really think it prevents the following code from being executed when you
don't set a password, and it shouldn't. The patch works like this but
not otherwise, but maybe I missed something.
--
sajolida
From 0ce74ed231a840e625a39d08f355031076f55bc3 Mon Sep 17 00:00:00 2001
From: Tails developers <tails@???>
Date: Thu, 22 Mar 2012 09:31:05 +0100
Subject: [PATCH] Add a custom lecture when password is disabled.
---
MANIFEST.in | 1 +
PostLogin.default | 7 ++++++-
no-password-lecture.txt | 8 ++++++++
setup.py | 2 +-
4 files changed, 16 insertions(+), 2 deletions(-)
create mode 100644 no-password-lecture.txt
diff --git a/MANIFEST.in b/MANIFEST.in
index ae963f8..dedd7b2 100644
--- a/MANIFEST.in
+++ b/MANIFEST.in
@@ -1,6 +1,7 @@
include community-greeter.py
include tails-greeter.desktop
include tails-logging.conf
+include no-password-lecture.txt
include glade/*.glade
include pixmaps/*.svg
include pixmaps/lang/*.svg
diff --git a/PostLogin.default b/PostLogin.default
index fed7458..698f82a 100755
--- a/PostLogin.default
+++ b/PostLogin.default
@@ -18,6 +18,7 @@ export PATH="/usr/sbin:${PATH}"
LIVE_PASSWORD=live
POLKIT=/etc/polkit-1/localauthority.conf.d/52-tails-greeter.conf
SUDOERS=/etc/sudoers.d/tails-greeter
+NO_PASSWORD_LECTURE=/etc/sudoers.d/tails-greeter-no-password-lecture
KBDSET=/etc/default/keyboard
CONSET=/etc/default/console-setup
LOCALE_CFG=/etc/default/locale
@@ -93,7 +94,7 @@ fi
### Password
# Import password for superuser access
-. /var/lib/gdm3/tails.password || log_n_exit "Password file not found."
+. /var/lib/gdm3/tails.password
# Remove password file
rm --interactive=never -f /var/lib/gdm3/tails.password
@@ -102,6 +103,10 @@ rm --interactive=never -f /var/lib/gdm3/tails.password
if [ -z "${TAILS_USER_PASSWORD}" ] ; then
rm -f "${POLKIT}" "${SUDOERS}"
deluser "${LIVE_USERNAME}" sudo
+ echo "Defaults:amnesia lecture=always" > "${NO_PASSWORD_LECTURE}"
+ echo "Defaults:amnesia lecture_file=/usr/share/tails-greeter/no-password-lecture.txt" >> "${NO_PASSWORD_LECTURE}"
+ echo "Defaults:amnesia badpass_message=\"The administration password is disabled.\"" >> "${NO_PASSWORD_LECTURE}"
+ chmod 0440 "${NO_PASSWORD_LECTURE}"
log_n_exit "Password variable not found."
fi
diff --git a/no-password-lecture.txt b/no-password-lecture.txt
new file mode 100644
index 0000000..dd6301d
--- /dev/null
+++ b/no-password-lecture.txt
@@ -0,0 +1,8 @@
+By default, the administration password is disabled for better security.
+
+In order to perform administration tasks, you need to setup an administration
+password when starting Tails.
+
+See the corresponding documentation:
+https://tails.boum.org/doc/first_steps/administration_password/.
+
diff --git a/setup.py b/setup.py
index 54bf31f..d04c785 100755
--- a/setup.py
+++ b/setup.py
@@ -66,7 +66,7 @@ setup(
( SDIR + 'pixmaps/auto', listfiles( 'pixmaps/auto', '*.*' ) ),
( 'share/gdm/autostart/LoginWindow/', [ 'tails-greeter.desktop' ] ),
( 'bin/', [ 'tails-lang-helper' ] ),
- ( SDIR, [ 'tails-logging.conf' ] ),
+ ( SDIR, [ 'tails-logging.conf', 'no-password-lecture.txt' ] ),
],
cmdclass={
'build' : build_extra.build_extra,
--
1.7.9.1