lp://staging/ubuntu/trusty-proposed/user-setup
- Get this branch:
- bzr branch lp://staging/ubuntu/trusty-proposed/user-setup
Branch merges
Related source package recipes
Branch information
Recent revisions
- 105. By Colin Watson
-
* Add the initial user to the libvirtd group (LP: #1304008).
* Add maas to reserved-usernames (LP: #1069684). - 104. By Colin Watson
-
* Resynchronise with Debian. Remaining changes:
- Add the initial user to the adm, lpadmin, and sambashare groups too.
Do not add them to the audio, video, floppy, netdev, powerdev,
scanner, or bluetooth groups.
- Default passwd/root-login to false.
- Create the spu group on powerpc/ps3 and powerpc/cell.
- Make is_system_user always return false if OVERRIDE_SYSTEM_ USER is
set.
- Add preseedable passwd/auto-login question; if set to true, configure
gdm, kdm, lxdm, and lightdm for automatic login. Add
passwd/auto-login- backup question which backs up the previous contents
of the files as well.
- Ask whether the user wants to encrypt their home directory.
- Allow forcing the encrypted home option.
- If a user requests an encrypted-home, we must have their login
passphrase, in order to wrap their mount passphrase; it's
fundamentally incompatible to preseed encrypted-home AND a crypted
password; if this happens, send the user back to password selection.
- Zero out swap devices at the end of install when encryption is
enabled.
- Provide a progress message for wiping swap space.
- If user-setup/allow-password- empty is preseeded to true, allow empty
passwords.
- Disable installation of pre-pkgsel.d/10kdesudo; it does nothing for
Ubuntu, and causes a confusing message that worries some people.
- Add weak password detection (purely length-based for now, matching
partman-crypto) .
- Consider a password of '!' in shadow for root to be unset.
- Don't restrict guest login from login screen if autologin was
configured, just restrict autologin for guest specifically.
- If OVERRIDE_ALREADY_ ENCRYPTED_ SWAP is set in the environment, assume
that encrypted swap has already been set up rather than re-creating
and re-zeroing swap. - 103. By Colin Watson
-
* Resynchronise with Debian. Remaining changes:
- Add the initial user to the adm, lpadmin, and sambashare groups too.
Do not add them to the audio, video, floppy, netdev, powerdev,
scanner, or bluetooth groups.
- Default passwd/root-login to false.
- Create the spu group on powerpc/ps3 and powerpc/cell.
- Make is_system_user always return false if OVERRIDE_SYSTEM_ USER is
set.
- Add preseedable passwd/auto-login question; if set to true, configure
gdm, kdm, lxdm, and lightdm for automatic login. Add
passwd/auto-login- backup question which backs up the previous contents
of the files as well.
- Ask whether the user wants to encrypt their home directory.
- Allow forcing the encrypted home option.
- If a user requests an encrypted-home, we must have their login
passphrase, in order to wrap their mount passphrase; it's
fundamentally incompatible to preseed encrypted-home AND a crypted
password; if this happens, send the user back to password selection.
- Zero out swap devices at the end of install when encryption is
enabled.
- Provide a progress message for wiping swap space.
- If user-setup/allow-password- empty is preseeded to true, allow empty
passwords.
- Disable installation of pre-pkgsel.d/10kdesudo; it does nothing for
Ubuntu, and causes a confusing message that worries some people.
- Add weak password detection (purely length-based for now, matching
partman-crypto) .
- Consider a password of '!' in shadow for root to be unset.
- Don't restrict guest login from login screen if autologin was
configured, just restrict autologin for guest specifically.
- If OVERRIDE_ALREADY_ ENCRYPTED_ SWAP is set in the environment, assume
that encrypted swap has already been set up rather than re-creating
and re-zeroing swap. - 101. By Colin Watson
-
* Resynchronise with Debian. Remaining changes:
- Add the initial user to the adm, lpadmin, and sambashare groups too.
Do not add them to the audio, video, floppy, netdev, powerdev,
scanner, or bluetooth groups.
- Default passwd/root-login to false.
- Create the spu group on powerpc/ps3 and powerpc/cell.
- Make is_system_user always return false if OVERRIDE_SYSTEM_ USER is
set.
- Add preseedable passwd/auto-login question; if set to true, configure
gdm, kdm, lxdm, and lightdm for automatic login. Add
passwd/auto-login- backup question which backs up the previous contents
of the files as well.
- Ask whether the user wants to encrypt their home directory.
- Allow forcing the encrypted home option.
- If a user requests an encrypted-home, we must have their login
passphrase, in order to wrap their mount passphrase; it's
fundamentally incompatible to preseed encrypted-home AND a crypted
password; if this happens, send the user back to password selection.
- Zero out swap devices at the end of install when encryption is
enabled.
- Provide a progress message for wiping swap space.
- If user-setup/allow-password- empty is preseeded to true, allow empty
passwords.
- Disable installation of pre-pkgsel.d/10kdesudo; it does nothing for
Ubuntu, and causes a confusing message that worries some people.
- Add weak password detection (purely length-based for now, matching
partman-crypto) .
- Consider a password of '!' in shadow for root to be unset.
- Don't restrict guest login from login screen if autologin was
configured, just restrict autologin for guest specifically.
- If OVERRIDE_ALREADY_ ENCRYPTED_ SWAP is set in the environment, assume
that encrypted swap has already been set up rather than re-creating
and re-zeroing swap. - 100. By Colin Watson
-
* user-setup-apply:
- Revert the change from 1.42ubuntu2. We'll handle this in ubiquity
instead; in d-i, it seems to be too difficult to get right without the
aid of script libraries from cryptsetup.
- If OVERRIDE_ALREADY_ ENCRYPTED_ SWAP is set in the environment, assume
that encrypted swap has already been set up rather than re-creating
and re-zeroing swap (LP: #979350). - 99. By Colin Watson
-
* Resynchronise with Debian. Remaining changes:
- Add the initial user to the adm, lpadmin, and sambashare groups too.
Do not add them to the audio, video, floppy, netdev, powerdev,
scanner, or bluetooth groups.
- Default passwd/root-login to false.
- Create the spu group on powerpc/ps3 and powerpc/cell.
- Make is_system_user always return false if OVERRIDE_SYSTEM_ USER is
set.
- Add preseedable passwd/auto-login question; if set to true, configure
gdm, kdm, lxdm, and lightdm for automatic login. Add
passwd/auto-login- backup question which backs up the previous contents
of the files as well.
- Ask whether the user wants to encrypt their home directory.
- Allow forcing the encrypted home option.
- If a user requests an encrypted-home, we must have their login
passphrase, in order to wrap their mount passphrase; it's
fundamentally incompatible to preseed encrypted-home AND a crypted
password; if this happens, send the user back to password selection.
- Zero out swap devices at the end of install when encryption is
enabled.
- Provide a progress message for wiping swap space.
- If user-setup/allow-password- empty is preseeded to true, allow empty
passwords.
- Disable installation of pre-pkgsel.d/10kdesudo; it does nothing for
Ubuntu, and causes a confusing message that worries some people.
- Add weak password detection (purely length-based for now, matching
partman-crypto) .
- Consider a password of '!' in shadow for root to be unset.
- Don't restrict guest login from login screen if autologin was
configured, just restrict autologin for guest specifically.
* Update Ubuntu-specific translations from Launchpad. - 98. By Colin Watson
-
* Resynchronise with Debian. Remaining changes:
- Add the initial user to the adm, lpadmin, and sambashare groups too.
Do not add them to the audio, video, floppy, netdev, powerdev,
scanner, or bluetooth groups.
- Default passwd/root-login to false.
- Create the spu group on powerpc/ps3 and powerpc/cell.
- Make is_system_user always return false if OVERRIDE_SYSTEM_ USER is
set.
- Add preseedable passwd/auto-login question; if set to true, configure
gdm, kdm, lxdm, and lightdm for automatic login. Add
passwd/auto-login- backup question which backs up the previous contents
of the files as well.
- Ask whether the user wants to encrypt their home directory.
- Allow forcing the encrypted home option.
- If a user requests an encrypted-home, we must have their login
passphrase, in order to wrap their mount passphrase; it's
fundamentally incompatible to preseed encrypted-home AND a crypted
password; if this happens, send the user back to password selection.
- Zero out swap devices at the end of install when encryption is
enabled.
- Provide a progress message for wiping swap space.
- If user-setup/allow-password- empty is preseeded to true, allow empty
passwords.
- Disable installation of pre-pkgsel.d/10kdesudo; it does nothing for
Ubuntu, and causes a confusing message that worries some people.
- Add weak password detection (purely length-based for now, matching
partman-crypto) .
- Consider a password of '!' in shadow for root to be unset.
- Don't restrict guest login from login screen if autologin was
configured, just restrict autologin for guest specifically.
* Update Ubuntu-specific translations from Launchpad. - 97. By Colin Watson
-
apt-install ecryptfs-utils and cryptsetup in user-setup-apply, not
user-setup-ask (LP: #893014). - 96. By Steve Langasek
-
* Merge from Debian testing, remaining changes:
- Add the initial user to the adm, lpadmin, and sambashare groups
too. Do not add them to the audio, video, floppy, netdev, powerdev,
scanner, or bluetooth groups.
- Default passwd/root-login to false.
- Create the spu group on powerpc/ps3 and powerpc/cell.
- Make is_system_user always return false if OVERRIDE_SYSTEM_ USER is
set.
- Add preseedable passwd/auto-login question; if set to true, configure
gdm, kdm, lxdm, and lightdm for automatic login. Add
passwd/auto-login- backup question which backs up the previous contents
of the files as well.
- Ask whether the user wants to encrypt their home directory.
- Allow forcing the encrypted home option.
- user-setup-ask: if a user requests an encrypted-home, we must have
their login passphrase, in order to wrap their mount passphrase; its
fundamentally incompatible to preseed encrypted-home AND a crypted
password; if this happens, send the user back to the password
selection in the user-setup state machine
- Zero out swap devices at the end of install when encryption is
enabled.
- Provide a progress message for wiping swap space.
- If user-setup/allow-password- empty is preseeded to true, allow empty
passwords.
- Disable installation of pre-pkgsel.d/10kdesudo; it does nothing for
Ubuntu, and causes a confusing message that worries some people.
- Add weak password detection (purely length-based for now, matching
partman-crypto) .
- Consider a password of '!' in shadow for root to be unset.
- Update Ubuntu-specific translations from Launchpad.
- Don't restrict guest login from login screen if autologin was configured,
just restrict autologin for guest specifically.
* Dropped changes:
- Add the initial user to the dip group after all, not dialout; per
Debian bug #568895, dip is for pppd and dialout is for raw tty access
which users don't need.
- Don't set up the admin group or add the user to it; the sudo package
now always sets up the sudo group on install, so we can as well use
this group as the admin group. This will be inconsistent with
previous Ubuntu releases, but consistent with Debian and compatible
with sudo.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/ubuntu/trusty/user-setup
