Mailinglist Archive: opensuse-security (334 mails)

< Previous Next >
Re: [suse-security] Making shadow passwords compulsory
  • From: Dirk Schreiner <dirk.schreiner@xxxxxxx>
  • Date: Mon, 29 Sep 2003 09:41:11 +0200
  • Message-id: <3F77E217.5060302@xxxxxxx>

now see, this is the default how passwd works under
Linux. (Not only SuSE ;-))
If you want to restrict use of passwd to certain users,
you should play with chmod and chown.
Not with the files.


Michael.James@xxxxxxxx schrieb:
Suse's "passwd" utility has a bit of undesired behaviour.

Most of my users don't have entries in shadow,
they depend on pam_krb5 for authentication.

So /etc/shadow is very short,
it only has lines for root and a few sysadmins.

I want for everyone else (system accounts like FTP and regular users)
to be denied even the possibility of a locally stored password.

Now in the past (under solaris) passwd would grumble and fail
unless that username already had a line present in shadow.

THIS passwd just bungs the encrypted string into /etc/passwd! Argh!
Nobody ever wants to go back to un-shadowed passwords.
How can I turn off this unwantedly obliging behaviour?


< Previous Next >
Follow Ups