-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Werner Flamme [26.08.2010 12:44]:
# grep ufqadm /etc/passwd ufqadm:x:1002:1000:SAP Admin:/home/ufqadm:/bin/csh
# LANG=C passwd ufqadm Changing password for ufqadm. New Password: Reenter New Password: Passwords do not match. New Password: Reenter New Password: Password changed.
# grep ufqadm /etc/passwd ufqadm:$2a$10$TDsH.MDlYLbvOxtAvi7hSeDvJ4cvLU/49Wc9LiyMsEIfVwUcl1.GW:1002:1000:SAP Admin:/home/ufqadm:/bin/csh # grep ufqadm /etc/shadow
Oh, nice, no entry in /etc/shadow for that user!
When I try the same with a deactivated user (shell is set to /bin/false), the password is not inserted into /etc/passwd. And the user is still in /etc/shadow.
Next try was to reactivate the deactivated user "erster". After that, the password was removed from the file /etc/passwd. # grep ufqadm /etc/passwd ufqadm:x:1002:1000:SAP Admin:/home/ufqadm:/bin/csh But still no entry for user ufqadm in /etc/shadow, so that the user is unusable now. Only after re-changing the password via YaST, ufqadm is back in /etc/shadow. OK, note to myself and my colleagues: change passwords only via YaST. Regards, Werner -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.15 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iEYEARECAAYFAkx2SvcACgkQk33Krq8b42NJdACaArIGIgi6+nyFFqFvmMC08v6B aiMAnjL6K59FRMP5vdP7eer4/fA8BTVx =mMrS -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org