[EMAIL PROTECTED] writes: > Chrony (essentially an xntp3 clone) includes two binaries: a daemon that > runs as root and a control program that runs in user space. To perform > certain operations the user running the control program must provide a > password which is stored in a file readable only by root. I want the > chrony package to install in a configuration that will "just work" on most > systems. To do that I must put a password in that file. I don't want to > put in a default password as most users will not change it, but I don't > want to go to an interactive postinst either. A solution I came up with is > to generate and install a unique random password in the postinst. > > IS this ok with policy? Am I missing any obvious problems?
I'm just curious - how are you going to do this? The best way I came up with was: PASS=`head --bytes=16 /dev/urandom | md5sum` I'm certain you could use od instead of md5sum, but I doubt it looks as simple as this. (Oh and I suppose people can argue about /dev/random vs. /dev/urandom, but for your purposes /dev/urandom should be fine - also note that /dev/random might cause the process to freeze temporarily if the entropy pool has been depleted).
