|
|
| Author |
Message |
janc
|
|
NextGrex Progress
| 
Dec 21 18:37 UTC 2003 |
OK, I can't figure out which item to use to report progress on NextGrex,
so I'll start a new one.
|
| 467 responses total. |
janc
|
|
response 1 of 467:
|
Dec 21 18:40 UTC 2003 |
I've installed OpenBSD 3.4 and completed all setup tasks that have been
documented in the grexdoc CVS archive.
So /suidbin is set up, things from the ports tree installed, and party,
orville-write, backtalk, fronttalk, gate and all the grex-scripts that
Dan Gryniewicz ported are back.
nethack in the ports tree wouldn't compile with the -no-x11 setting.
aspell, which didn't work in 3.3 does work in 3.4
w3m didn't build out of the ports tree.
|
janc
|
|
response 2 of 467:
|
Dec 21 19:22 UTC 2003 |
I think my next focus is going to be:
(1) Get Dan Cross's login patch reinstalled and documented.
(2) Do a newuser port.
|
janc
|
|
response 3 of 467:
|
Dec 21 20:27 UTC 2003 |
OK, I (easily) found Dan's login_grexpass source. I've moved a copy
into the grexdoc archive, together with install instructions and done
the install on nextGrex 3.4. Time to look at newuser.
|
carson
|
|
response 4 of 467:
|
Dec 22 02:30 UTC 2003 |
(thanks, Jan.)
|
janc
|
|
response 5 of 467:
|
Dec 22 16:52 UTC 2003 |
Modified the 'passwd' program so that it does kg_pwhash() passwords correctly.
Previously it only understood/set crypt() passwords. Of course, openBSD
crypt() is an extended version that can handles about six different password
encryptions. The really nice way to handle Marcus's passwords would be to
fold it into the crypt() function ... but we can't do that. Marcus's needs
an extra argument passed in that none of the others do. Fooey.
So there are two mods here, one so it understands kg_pwhash() passwords when
asking users for their old passwords, and one that it uses kg_pwhash() to set
the new password.
Constructed install scripts to apply these mods to the stock passwd source.
I've got a first draft of a port of newuser to openbsd. Compiles but not
tested yet.
|
cross
|
|
response 6 of 467:
|
Dec 22 19:20 UTC 2003 |
I still don't get it; why do we want to switch with the kg_pwhash() stuff?
|
janc
|
|
response 7 of 467:
|
Dec 23 01:04 UTC 2003 |
We don't want to switch to it. We have already switched to it. There has
been some discussion of switching away from it, but staff has not come to an
agreement on that. Personally I'd prefer using something standard. But I
don't feel strongly about it, and I'm not going to decide that unilaterally,
and I don't want getting NextGrex on line to have to wait for a decision on
that.
|
cross
|
|
response 8 of 467:
|
Dec 23 03:32 UTC 2003 |
What decision? If we can authenticate users with kg_pwhash, and create
users with something `standard', how's that holding things up?
|
janc
|
|
response 9 of 467:
|
Dec 23 14:09 UTC 2003 |
That's holding things up because before we can go live with a system so
configured, Grex staff has to decide if that's what we want to do.
There are people who have strong feelings about both sides of that
question and it is not going to be easily resolved.
|
janc
|
|
response 10 of 467:
|
Dec 27 02:04 UTC 2003 |
OpenBSD permits login IDs up to 31 characters long. I'm inclined to modify
newuser to permit this as well. With thousands of logins being used,
increasing the name space might be nice.
OpenBSD also allows underscores, dashs and dots in login names. I'm inclined
to have newuser NOT allow any of these. I don't really want to have
different users named joecool, joe.cool, joe_cool, and joe-cool.
|
gelinas
|
|
response 11 of 467:
|
Dec 27 02:07 UTC 2003 |
I think extending the length of login ids is good. I think eliminating
special characters from login ids is also good.
|
twenex
|
|
response 12 of 467:
|
Dec 27 05:18 UTC 2003 |
I concur.
|
naftee
|
|
response 13 of 467:
|
Dec 27 05:41 UTC 2003 |
re 10 HEY I think joe is cool.
|
twenex
|
|
response 14 of 467:
|
Dec 27 05:47 UTC 2003 |
Re: 11, 13 - although, w/ 31 characters, you might want to permit uppercase
and/or underscores.
|
gelinas
|
|
response 15 of 467:
|
Dec 27 06:06 UTC 2003 |
NOT underscores. Distinguishing between JoeCool, joeCool and joecool is
just asking for trouble. I strongly advise against allowing such things.
|
janc
|
|
response 16 of 467:
|
Dec 27 08:17 UTC 2003 |
New version of newuser successfully created an account. Needs more testing
and some fixing up of the default dot files before I'm ready to call it
done though. Source code, build and install scripts are in CVS.
|
gelinas
|
|
response 17 of 467:
|
Dec 27 15:00 UTC 2003 |
NB: The convention in mail is to replace spaces in names with dots, originally
underscores. So allowing dots or underscores in a login name is going to
lead to confusion in mail, if only in the minds of people writing the
messages.
|
remmers
|
|
response 18 of 467:
|
Dec 27 16:52 UTC 2003 |
Regarding long login id's, I'd be a little cautious. How much software
is out there that retrieves login id's, assumes that they're at most eight
characters long, and would then proceed to break in various ways in the
presence of longer id's?
Come to think of it, I should look at the vote program and see if I'm
making an assumption about login id length.
|
remmers
|
|
response 19 of 467:
|
Dec 27 17:08 UTC 2003 |
Vote program seems to be okay. I do make the assumption that
login id's (and certain other data items) don't exceed a certain
#define'd constant that is currently set to 128 and which could
easily be changed. Guess I was forward-looking, eh?
However, I'm still concerned about other software.
|
remmers
|
|
response 20 of 467:
|
Dec 27 17:32 UTC 2003 |
Actually, even the 128 restriction applies only to login id's
of candidates. Login id's of voters are obtained from the password
database using standard functions, so that part should work right
no matter how long login id's can be.
|
jlamb
|
|
response 21 of 467:
|
Dec 27 19:35 UTC 2003 |
This response has been erased.
|
janc
|
|
response 22 of 467:
|
Dec 27 22:13 UTC 2003 |
It's something I typed in so I'd have a test page. First thing that
came into my head. It's probably possible to anonymously read the
conferences on NextGrex. Few things could be less interesting.
Yes, there is a risk of old software breaking with longer-than-
eight-character logins. I think it's a risk worth taking. I'll have to
review party and write. I don't think a 31 character login is very
desirable, but 9 or 10 would be very useful.
There are system constants that tell how long logins can be. I think
limits.h provides one called MAXLOGNAME which is one more than the
maximum size, and pwd.h provides another one, something like
PW_MAX_LOGIN. There is another one around too. This is all from memory
and probably not right. Can't look right now.
|
jlamb
|
|
response 23 of 467:
|
Dec 27 23:06 UTC 2003 |
This response has been erased.
|
jlamb
|
|
response 24 of 467:
|
Dec 27 23:13 UTC 2003 |
This response has been erased.
|
