lp:ubuntu/trusty-proposed/user-setup

Created by Ubuntu Package Importer on 2014-04-08 and last modified on 2014-04-08
Get this branch:
bzr branch lp:ubuntu/trusty-proposed/user-setup
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Development

Recent revisions

105. By Colin Watson on 2014-04-08

* Add the initial user to the libvirtd group (LP: #1304008).
* Add maas to reserved-usernames (LP: #1069684).

104. By Colin Watson on 2013-05-17

* Resynchronise with Debian. Remaining changes:
  - Add the initial user to the adm, lpadmin, and sambashare groups too.
    Do not add them to the audio, video, floppy, netdev, powerdev,
    scanner, or bluetooth groups.
  - Default passwd/root-login to false.
  - Create the spu group on powerpc/ps3 and powerpc/cell.
  - Make is_system_user always return false if OVERRIDE_SYSTEM_USER is
    set.
  - Add preseedable passwd/auto-login question; if set to true, configure
    gdm, kdm, lxdm, and lightdm for automatic login. Add
    passwd/auto-login-backup question which backs up the previous contents
    of the files as well.
  - Ask whether the user wants to encrypt their home directory.
  - Allow forcing the encrypted home option.
  - If a user requests an encrypted-home, we must have their login
    passphrase, in order to wrap their mount passphrase; it's
    fundamentally incompatible to preseed encrypted-home AND a crypted
    password; if this happens, send the user back to password selection.
  - Zero out swap devices at the end of install when encryption is
    enabled.
  - Provide a progress message for wiping swap space.
  - If user-setup/allow-password-empty is preseeded to true, allow empty
    passwords.
  - Disable installation of pre-pkgsel.d/10kdesudo; it does nothing for
    Ubuntu, and causes a confusing message that worries some people.
  - Add weak password detection (purely length-based for now, matching
    partman-crypto).
  - Consider a password of '!' in shadow for root to be unset.
  - Don't restrict guest login from login screen if autologin was
    configured, just restrict autologin for guest specifically.
  - If OVERRIDE_ALREADY_ENCRYPTED_SWAP is set in the environment, assume
    that encrypted swap has already been set up rather than re-creating
    and re-zeroing swap.

103. By Colin Watson on 2012-12-03

* Resynchronise with Debian. Remaining changes:
  - Add the initial user to the adm, lpadmin, and sambashare groups too.
    Do not add them to the audio, video, floppy, netdev, powerdev,
    scanner, or bluetooth groups.
  - Default passwd/root-login to false.
  - Create the spu group on powerpc/ps3 and powerpc/cell.
  - Make is_system_user always return false if OVERRIDE_SYSTEM_USER is
    set.
  - Add preseedable passwd/auto-login question; if set to true, configure
    gdm, kdm, lxdm, and lightdm for automatic login. Add
    passwd/auto-login-backup question which backs up the previous contents
    of the files as well.
  - Ask whether the user wants to encrypt their home directory.
  - Allow forcing the encrypted home option.
  - If a user requests an encrypted-home, we must have their login
    passphrase, in order to wrap their mount passphrase; it's
    fundamentally incompatible to preseed encrypted-home AND a crypted
    password; if this happens, send the user back to password selection.
  - Zero out swap devices at the end of install when encryption is
    enabled.
  - Provide a progress message for wiping swap space.
  - If user-setup/allow-password-empty is preseeded to true, allow empty
    passwords.
  - Disable installation of pre-pkgsel.d/10kdesudo; it does nothing for
    Ubuntu, and causes a confusing message that worries some people.
  - Add weak password detection (purely length-based for now, matching
    partman-crypto).
  - Consider a password of '!' in shadow for root to be unset.
  - Don't restrict guest login from login screen if autologin was
    configured, just restrict autologin for guest specifically.
  - If OVERRIDE_ALREADY_ENCRYPTED_SWAP is set in the environment, assume
    that encrypted swap has already been set up rather than re-creating
    and re-zeroing swap.

102. By Colin Watson on 2012-10-15

Fix syntax error in user-setup-apply if $ROOT is unset (LP: #1066256).

101. By Colin Watson on 2012-09-19

* Resynchronise with Debian. Remaining changes:
  - Add the initial user to the adm, lpadmin, and sambashare groups too.
    Do not add them to the audio, video, floppy, netdev, powerdev,
    scanner, or bluetooth groups.
  - Default passwd/root-login to false.
  - Create the spu group on powerpc/ps3 and powerpc/cell.
  - Make is_system_user always return false if OVERRIDE_SYSTEM_USER is
    set.
  - Add preseedable passwd/auto-login question; if set to true, configure
    gdm, kdm, lxdm, and lightdm for automatic login. Add
    passwd/auto-login-backup question which backs up the previous contents
    of the files as well.
  - Ask whether the user wants to encrypt their home directory.
  - Allow forcing the encrypted home option.
  - If a user requests an encrypted-home, we must have their login
    passphrase, in order to wrap their mount passphrase; it's
    fundamentally incompatible to preseed encrypted-home AND a crypted
    password; if this happens, send the user back to password selection.
  - Zero out swap devices at the end of install when encryption is
    enabled.
  - Provide a progress message for wiping swap space.
  - If user-setup/allow-password-empty is preseeded to true, allow empty
    passwords.
  - Disable installation of pre-pkgsel.d/10kdesudo; it does nothing for
    Ubuntu, and causes a confusing message that worries some people.
  - Add weak password detection (purely length-based for now, matching
    partman-crypto).
  - Consider a password of '!' in shadow for root to be unset.
  - Don't restrict guest login from login screen if autologin was
    configured, just restrict autologin for guest specifically.
  - If OVERRIDE_ALREADY_ENCRYPTED_SWAP is set in the environment, assume
    that encrypted swap has already been set up rather than re-creating
    and re-zeroing swap.

100. By Colin Watson on 2012-04-19

* user-setup-apply:
  - Revert the change from 1.42ubuntu2. We'll handle this in ubiquity
    instead; in d-i, it seems to be too difficult to get right without the
    aid of script libraries from cryptsetup.
  - If OVERRIDE_ALREADY_ENCRYPTED_SWAP is set in the environment, assume
    that encrypted swap has already been set up rather than re-creating
    and re-zeroing swap (LP: #979350).

99. By Colin Watson on 2012-04-11

* Resynchronise with Debian. Remaining changes:
  - Add the initial user to the adm, lpadmin, and sambashare groups too.
    Do not add them to the audio, video, floppy, netdev, powerdev,
    scanner, or bluetooth groups.
  - Default passwd/root-login to false.
  - Create the spu group on powerpc/ps3 and powerpc/cell.
  - Make is_system_user always return false if OVERRIDE_SYSTEM_USER is
    set.
  - Add preseedable passwd/auto-login question; if set to true, configure
    gdm, kdm, lxdm, and lightdm for automatic login. Add
    passwd/auto-login-backup question which backs up the previous contents
    of the files as well.
  - Ask whether the user wants to encrypt their home directory.
  - Allow forcing the encrypted home option.
  - If a user requests an encrypted-home, we must have their login
    passphrase, in order to wrap their mount passphrase; it's
    fundamentally incompatible to preseed encrypted-home AND a crypted
    password; if this happens, send the user back to password selection.
  - Zero out swap devices at the end of install when encryption is
    enabled.
  - Provide a progress message for wiping swap space.
  - If user-setup/allow-password-empty is preseeded to true, allow empty
    passwords.
  - Disable installation of pre-pkgsel.d/10kdesudo; it does nothing for
    Ubuntu, and causes a confusing message that worries some people.
  - Add weak password detection (purely length-based for now, matching
    partman-crypto).
  - Consider a password of '!' in shadow for root to be unset.
  - Don't restrict guest login from login screen if autologin was
    configured, just restrict autologin for guest specifically.
* Update Ubuntu-specific translations from Launchpad.

98. By Colin Watson on 2012-03-13

* Resynchronise with Debian. Remaining changes:
  - Add the initial user to the adm, lpadmin, and sambashare groups too.
    Do not add them to the audio, video, floppy, netdev, powerdev,
    scanner, or bluetooth groups.
  - Default passwd/root-login to false.
  - Create the spu group on powerpc/ps3 and powerpc/cell.
  - Make is_system_user always return false if OVERRIDE_SYSTEM_USER is
    set.
  - Add preseedable passwd/auto-login question; if set to true, configure
    gdm, kdm, lxdm, and lightdm for automatic login. Add
    passwd/auto-login-backup question which backs up the previous contents
    of the files as well.
  - Ask whether the user wants to encrypt their home directory.
  - Allow forcing the encrypted home option.
  - If a user requests an encrypted-home, we must have their login
    passphrase, in order to wrap their mount passphrase; it's
    fundamentally incompatible to preseed encrypted-home AND a crypted
    password; if this happens, send the user back to password selection.
  - Zero out swap devices at the end of install when encryption is
    enabled.
  - Provide a progress message for wiping swap space.
  - If user-setup/allow-password-empty is preseeded to true, allow empty
    passwords.
  - Disable installation of pre-pkgsel.d/10kdesudo; it does nothing for
    Ubuntu, and causes a confusing message that worries some people.
  - Add weak password detection (purely length-based for now, matching
    partman-crypto).
  - Consider a password of '!' in shadow for root to be unset.
  - Don't restrict guest login from login screen if autologin was
    configured, just restrict autologin for guest specifically.
* Update Ubuntu-specific translations from Launchpad.

97. By Colin Watson on 2011-11-21

apt-install ecryptfs-utils and cryptsetup in user-setup-apply, not
user-setup-ask (LP: #893014).

96. By Steve Langasek on 2011-11-08

* Merge from Debian testing, remaining changes:
  - Add the initial user to the adm, lpadmin, and sambashare groups
    too. Do not add them to the audio, video, floppy, netdev, powerdev,
    scanner, or bluetooth groups.
  - Default passwd/root-login to false.
  - Create the spu group on powerpc/ps3 and powerpc/cell.
  - Make is_system_user always return false if OVERRIDE_SYSTEM_USER is
    set.
  - Add preseedable passwd/auto-login question; if set to true, configure
    gdm, kdm, lxdm, and lightdm for automatic login. Add
    passwd/auto-login-backup question which backs up the previous contents
    of the files as well.
  - Ask whether the user wants to encrypt their home directory.
  - Allow forcing the encrypted home option.
  - user-setup-ask: if a user requests an encrypted-home, we must have
    their login passphrase, in order to wrap their mount passphrase; its
    fundamentally incompatible to preseed encrypted-home AND a crypted
    password; if this happens, send the user back to the password
    selection in the user-setup state machine
  - Zero out swap devices at the end of install when encryption is
    enabled.
  - Provide a progress message for wiping swap space.
  - If user-setup/allow-password-empty is preseeded to true, allow empty
    passwords.
  - Disable installation of pre-pkgsel.d/10kdesudo; it does nothing for
    Ubuntu, and causes a confusing message that worries some people.
  - Add weak password detection (purely length-based for now, matching
    partman-crypto).
  - Consider a password of '!' in shadow for root to be unset.
  - Update Ubuntu-specific translations from Launchpad.
  - Don't restrict guest login from login screen if autologin was configured,
    just restrict autologin for guest specifically.
* Dropped changes:
  - Add the initial user to the dip group after all, not dialout; per
    Debian bug #568895, dip is for pppd and dialout is for raw tty access
    which users don't need.
  - Don't set up the admin group or add the user to it; the sudo package
    now always sets up the sudo group on install, so we can as well use
    this group as the admin group. This will be inconsistent with
    previous Ubuntu releases, but consistent with Debian and compatible
    with sudo.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/trusty/user-setup
This branch contains Public information 
Everyone can see this information.

Subscribers