touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #87550
[Bug 1323732] Re: adduser should support managing additional password/shadow/group files from libnss-extrausers
does nss-altfiles allow us to keep a readonly locked down
/etc/passwd|shadow|group|gshadow ? it is pretty essential that adduser
can not change system accounts that are in one of the above files in our
readonly setup, can nss-altfiles provide such a level of lockdown ?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to adduser in Ubuntu.
https://bugs.launchpad.net/bugs/1323732
Title:
adduser should support managing additional password/shadow/group files
from libnss-extrausers
Status in adduser package in Ubuntu:
In Progress
Bug description:
with our readonly system-image setup when adding a user or changing a password using the /etc/{passwd,shadow,group} is not actually possible.
we plan to solve this via using libnss-extrausers and patching the config in /etc/nsswitch.conf at image build-time. this way we can make /var/lib/extrausers writable and use passwd,shadow and group from there.
unfortunately adduser is not able to operate on these files in the
non-standard location. to set a user password (for having a properly
working lock screen), add new users or drop the "nopasswordlogin"
group from the phablet user it needs to learn handling these files so
that we do not need to use weird hacks to manage users on system-image
installs.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/adduser/+bug/1323732/+subscriptions