-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ludwig Nussel [26.08.2010 11:56]:
Werner Flamme wrote:
I do not recognize writing passwords to /etc/passwd as a feature. Do I have to open a bugzilla entry or is this a matter of (wrong) configuration?
If you managed to get into that situation using YaST it's probably worth a bug report, yes. We'd need a way to reproduce the problem though. I couldn't reproduce it by simply clicking some ldap related buttons at least. passwd always correctly uses /etc/shadow here.
Ludwig, using the passwd command at the commandline caused the passwords to be inserted in the /etc/passwd file. Using YaST removed them again, so now the file is clean again. Reproducing would only mean to use passwd on the commandline for some non-deactivated user. Using passwd for root himself did not write the password to /etc/passwd. I do not complain about the YaST module working OK ;-) # grep ufqadm /etc/passwd ufqadm:x:1002:1000:SAP Admin:/home/ufqadm:/bin/csh # LANG=C passwd ufqadm Changing password for ufqadm. New Password: Reenter New Password: Passwords do not match. New Password: Reenter New Password: Password changed. # grep ufqadm /etc/passwd ufqadm:$2a$10$TDsH.MDlYLbvOxtAvi7hSeDvJ4cvLU/49Wc9LiyMsEIfVwUcl1.GW:1002:1000:SAP Admin:/home/ufqadm:/bin/csh # grep ufqadm /etc/shadow Oh, nice, no entry in /etc/shadow for that user! When I try the same with a deactivated user (shell is set to /bin/false), the password is not inserted into /etc/passwd. And the user is still in /etc/shadow. Regards, Werner -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.15 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iEYEARECAAYFAkx2RaEACgkQk33Krq8b42MWFACfZiwbu99L6+8m2R6MaaW0vZqV Sr0AnjJ1z5eLXl6u9k0voHge/W/rVJcD =Sno4 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org