[Mageia-sysadm] [Mageia-dev] Bugs list test?

Thu Feb 17 19:33:19 CET 2011

On Thursday, 17 February 2011 18:32:23 Michael Scherer wrote:
+> Le jeudi 17 février 2011 à 11:10 -0500, Hoyt Duff a écrit :
+> > I also have a problem with mageia bugzilla.
+> > 
+> > While I have an account, have filed a few bug reports and have gotten
+> > mail from bugzilla-daemon at mageia.org, I cannot log in to my account
+> > and when I request a password change, I am told "This email address is
+> > not bound to an account". The address is hoytduff at gmail.com.
+> 
+> There is nothing in ldap with this email.
+
+For a day or two after the release of Alpha1, bugzilla still allowed local 
+(bugzilla only) accounts to be registered, or, at least, the "New Account" 
+links on the nav bar went to bugzilla-specific CGIs.
+
+Hoyt, can you remember if you created your account on bugzilla itself, or at 
+http://identity.mageia.org ? (you could check your mailbox for the activation 
+mail to be sure).
+
+We may need to check if there are any bugzilla local accounts that should be 
+moved to LDAP.
+
+> What bug did you fill ?
+> 
+> > As well, there is no obvious link on the site to contact an admin if
+> > there is a problem, hence my post here.
+> 
+> I guess we should add this, yes.
+
+Of course, we need to consider the aspect of users who have forgotten their 
+password, can't recover it (most likely cause for now, they are privileged 
+accounts), and can't file a bug or so ...
+
+I will make a proposal for automated recovery process for privileged accounts 
+(in short, GPG public key must be in LDAP, sufficiently trusted, the URL with 
+random key is sent encryped with the user's GPG public key - this ensures not 
+just compromise of email account, but compromise of email account, GPG private 
+key, and if - hopefully encrypted - GPG passphrase)
+
+Regards,
+Buchan
+