(Please CC me on your replies) What is the best way to ask for a password in a debconf prompt?
I've got a package (email-reminder) which asks for the SMTP login and password. I'm using a debconf of type "password" and output the result of that in a config file (only readable by root). Now the problem (see bug #462658) is that if you ever put a non-empty password there, then, you can no longer get rid of it after dpkg-reconfiguring the package. debconf seems to be ignoring empty password fields and still returns the previous value. I found two non-ideal solutions: 1- change the question type to a clear-text field 2- do a "db_reset question" before asking for the question Obviously I prefer to hide the password as it is being entered by the user so solution 1 is not my preferred one. With solution 2, it works as expected, but since I reset the question in the postinst script, right after the db_get call, that means that every package install/upgrade must ask this question again. So I was wondering what the best way to handle a password in debconf is. I guess that it's a bit more secure not to store the password at all in the debconf DB, but it's also inconvenient for users to be forced to type their password everytime they upgrade (especially if they don't need a password for their SMTP server). Francois -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
