[Bug 807099] New: groupadd -g 1000 <username> -- fails with "configuration error - unknown item 'LASTLOG_ENAB' (notify administrator)
https://bugzilla.novell.com/show_bug.cgi?id=807099 https://bugzilla.novell.com/show_bug.cgi?id=807099#c0 Summary: groupadd -g 1000 <username> -- fails with "configuration error - unknown item 'LASTLOG_ENAB' (notify administrator) Classification: openSUSE Product: openSUSE 12.3 Version: RC 2 Platform: Other OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: jnelson-suse@jamponi.net QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:19.0) Gecko/20100101 Firefox/19.0 Title has all the details. groupadd -g 1000 <username> -- fails with "configuration error - unknown item 'LASTLOG_ENAB' (notify administrator) Reproducible: Always Steps to Reproduce: 1. 2. 3. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c
Andreas Jaeger
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c1
Thorsten Kukuk
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c2
Jon Nelson
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c3
Thorsten Kukuk
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c
Thorsten Kukuk
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c
Thomas Göttlicher
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c
Jiří Suchomel
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c4
Jiří Suchomel
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c5
Thorsten Kukuk
It is true YaST writes "" for LASTLOG_ENAB, but why is not LASTLOG_ENAB defined in installed /etc/login.defs before?
8 years ago it was decided (I think the request did come from somebody from the security team, but my notes don't go back so far anymore) that LASTLOG_ENAB is a bad idea since it was only used by /bin/login and nothing else, and that we should use pam_lastlog.so instead, so that all tools can use it. The old tools ignored syntax errors, the new tools now aborts, that's why it did not show up earlier. But in any case, YaST should never add new variables to config files, especially not with an empty value, except the user/sysadmin explicit enables this option somewhere ... -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c6
--- Comment #6 from Jiří Suchomel
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c7
--- Comment #7 from Thorsten Kukuk
Still: if LASTLOG_ENAB is not even present in fresh /etc/login.defs and because it is bad idea itself, should YaST offer its configuration? Shouldn't we drop it completly?
Sorry, misunderstand you: we should not offer it, since nobody uses this variable anymore. So drop completly. And we should check at some point (before SLE12) which variables YaST else uses and if they are still valid. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c8
Jiří Suchomel
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c9
Jiří Suchomel
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c
Jiří Suchomel
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c10
Thorsten Kukuk
Thorsten, how severe is the problem? This looks like all 12.3 users will have that broken line in their login.defs.
I would assume that at least all users which use the default "automatical configuration" cannot create users/groups after a fresh installation. I had always disabled that option and didn't saw the problem. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c11
--- Comment #11 from Jiří Suchomel
I would assume that at least all users which use the default "automatical configuration" cannot create users/groups after a fresh installation.
You mean, cannot create users/groups with command line tools. It still should work with YaST.
I had always disabled that option and didn't saw the problem.
I think most of openSUSE users do not disable Automatic Configuration. And thinking about it... I actually think that disabling it will not help, as yast2-security is used anyway (for saving the crypt method). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c
Jiří Suchomel
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c12
--- Comment #12 from Jiří Suchomel
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c13
--- Comment #13 from Jiří Suchomel
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c14
Jiří Suchomel
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c15
--- Comment #15 from Jiří Suchomel
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c16
Benjamin Brunner
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c17
Jiří Suchomel
osc maintenancerequest home:jsuchome:12.3 yast2-security openSUSE:12.3 Using target project 'openSUSE:Maintenance' 158659
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c18
--- Comment #18 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c19
--- Comment #19 from Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c20
Peter Linnell
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c21
--- Comment #21 from Peter Linnell
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c22
Jiří Suchomel
Yast2 is leaving LASTLOG_ENAB "" in /etc/login.defs which is causing error messages
How? The code for writing LASTLOG_ENAB was removed from YaST. When (after which module run) do you see such behavior? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c23
Axel Braun
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c24
Jiří Suchomel
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c25
--- Comment #25 from Jiří Suchomel
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c26
--- Comment #26 from Peter Linnell
https://bugzilla.novell.com/show_bug.cgi?id=807099
https://bugzilla.novell.com/show_bug.cgi?id=807099#c27
--- Comment #27 from Jiří Suchomel
participants (1)
-
bugzilla_noreply@novell.com