From mboxrd@z Thu Jan  1 00:00:00 1970
From: Toke =?utf-8?Q?H=C3=B8iland-J=C3=B8rgensen?= <toke@toke.dk>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=toke.dk; s=20161023;
	t=1613735293; bh=Z8hCznRv6QHziygoBwIR25a/61xtNhRS47y3msZX8fE=;
	h=From:To:Subject:In-Reply-To:References:Date:From;
	b=KzZGy+Ud8iO2LZ4cOsUtcb9GU3p7rJjBEWoeWmwWIsVrtfDvR7Q/VUeAaszw+5QxR
	 1GDoswka9NCcuyQsvCzPPIoV4rh4a71DXoenM+zeJsgqzpTXUeF2UvEpPXIDkGuGLE
	 DniCXZMx2EZZypXDV1/bLY+ObOjgltxP8JBXPNZd6ul9PIV0ND/OVbw+d/rP+8nco+
	 ANyd+QoQ6RhSRiDR6Zjp3+yxtzh1KXGBVuGx06gkoIE6aF8fSdj193misI2oSu5LPP
	 7LwBMFLI6dQ7VcKAE4UNvjfSa1irCtVBPpe7gphDYtVJ3DXh4yZT3r3jg5THucZ3S0
	 6yH2vKtLmLu6w==
To: Michael =?utf-8?Q?Str=C3=B6der?= <michael@stroeder.com>,
 galene@lists.galene.org
In-Reply-To: <b73fbdce-398a-6d89-85e3-9c8d17defe85@stroeder.com>
References: <878s7kl6zh.fsf@toke.dk>
 <b73fbdce-398a-6d89-85e3-9c8d17defe85@stroeder.com>
Date: Fri, 19 Feb 2021 12:48:13 +0100
X-Clacks-Overhead: GNU Terry Pratchett
Message-ID: <8735xsl1mq.fsf@toke.dk>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: QXEQU6QYRQJL225AREXG7DU7L2BYLGJI
X-Message-ID-Hash: QXEQU6QYRQJL225AREXG7DU7L2BYLGJI
X-MailFrom: toke@toke.dk
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header
X-Mailman-Version: 3.3.2
Precedence: list
Subject: [Galene] Re: Is the passwd file still needed?
List-Id: =?utf-8?q?Gal=C3=A8ne_videoconferencing_server_discussion_list?= <galene.lists.galene.org>
Archived-At: <https://lists.galene.org/galene/8735xsl1mq.fsf@toke.dk/>
List-Archive: <https://lists.galene.org/galene/>
List-Help: <mailto:galene-request@lists.galene.org?subject=help>
List-Post: <mailto:galene@lists.galene.org>
List-Subscribe: <mailto:galene-join@lists.galene.org>
List-Unsubscribe: <mailto:galene-leave@lists.galene.org>

Michael Str=C3=B6der <michael@stroeder.com> writes:

> On 2/19/21 10:52 AM, Toke H=C3=B8iland-J=C3=B8rgensen wrote:
>> With the new hashed-password syntax in group files, user credentials are
>> stored in the JSON for each group. But there's still a mention of a
>> passwd file in the README, but marked as 'optional' - is this still
>> needed? What's the consequence of not having it? And is there a way to
>> specify hashed passwords in that file?
>
> AFAICS it's simply used to protect the /stats page (with HTTP basic authc=
).

Ah, right, gotcha. I thought that just required any user with ops privs,
but I guess I got that behaviour by reusing the same user/password
combination in passwd and the groups config.

OK, so my question about using the hashed syntax remains; but maybe this
is deferred until a more complete system for user management shows up? :)

-Toke