https://bugzilla.novell.com/show_bug.cgi?id=341301#c2
Peter Stark
* did you see that message ? Yes:
Nov-13 15:46 <1> : Create .profile for package scripts done Nov-13 15:46 <1> : Modifying user: root [root] done Nov-13 15:46 <1> : Calling image script: config.sh
* If yes kiwi calls the program usermod to do the job. Is this command available ? The command is available.
* Your system image description doesn't accidently do something with the password files ? hm... I used a while-true-loop to monitor the shadow file:
Di 13. Nov 15:46:44 CET 2007: root::13830:::::: Di 13. Nov 15:46:49 CET 2007: root::13830:::::: Di 13. Nov 15:46:54 CET 2007: root:$2a$05$7Ec9fu7gBLTZiXTKpiuFcuQTFVZZdHBq2Pv4yQCgPLz9y25KvboHq:13830:::::: Di 13. Nov 15:46:59 CET 2007: root:$2a$05$7Ec9fu7gBLTZiXTKpiuFcuQTFVZZdHBq2Pv4yQCgPLz9y25KvboHq:13830:::::: Di 13. Nov 15:47:04 CET 2007: root:$2a$05$7Ec9fu7gBLTZiXTKpiuFcuQTFVZZdHBq2Pv4yQCgPLz9y25KvboHq:13830:::::: Di 13. Nov 15:47:09 CET 2007: root::13830:::::: Di 13. Nov 15:47:14 CET 2007: root::13830:::::: The time matches the usermod call. But it gets modified afterwards. It appears that one of the steps in config.sh must be responsible. .. I do some further investigations using "auditctl". ------------- type=CONFIG_CHANGE msg=audit(1194970387.373:6787): op=updated rules specifying path="/data/dvd.BIA/etc/shadow" with dev=8388753 ino=2145551 list=2304662 res=1 type=SYSCALL msg=audit(1194970387.373:6788): arch=c000003e syscall=82 success=yes exit=0 a0=7fff0c289ed0 a1=7fff0c289eb0 a2=555555769360 a3=0 items=5 ppid=29345 pid=30075 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 comm="passwd" exe="/usr/bin/passwd" key=(null) type=CWD msg=audit(1194970387.373:6788): cwd="/" ------------- It appears to be config.sh: ----------- # delete passwords passwd -d root passwd -d linux ----------- I may have uncommented those lines in the last version which then got updated when installing the new RPM. So, the issue is within the config.sh of the livesystem. The question is: Can you check if "root" + "linux" are configured to have passwords in the XML files? If so, the passwords should not be deleted. Why are they deleted anyway? regards, Peter -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.