Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   CentOS (http://www.linux-archive.org/centos/)
-   -   /etc/passwd.rpmnew changes "x" to "*" (http://www.linux-archive.org/centos/115010-etc-passwd-rpmnew-changes-x.html)

"Matt Seitz (matseitz)" 06-28-2008 05:30 AM

/etc/passwd.rpmnew changes "x" to "*"
 
What would be the effect of changing the password field in "/etc/passwd" from "x" to "*"? I noticed I have an "/etc/passwd.rpmnew" file which changes the password of many service accounts from "x" to "*". I am wondering if I should merge those changes into my "/etc/passwd" file.


--
Matt Seitz
Manager, File System Virtualization
Cisco Systems, Inc.
.:|:.:|:.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

John R Pierce 06-28-2008 05:41 AM

/etc/passwd.rpmnew changes "x" to "*"
 
Matt Seitz (matseitz) wrote:

What would be the effect of changing the password field in "/etc/passwd" from "x" to "*"? I noticed I have an "/etc/passwd.rpmnew" file which changes the password of many service accounts from "x" to "*". I am wondering if I should merge those changes into my "/etc/passwd" file.



* tells it to look in /etc/shadow, where I'd expect you would find said
"x" for no login.



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

"Matt Seitz (matseitz)" 06-28-2008 08:40 PM

/etc/passwd.rpmnew changes "x" to "*"
 
> From: John R Pierce <pierce@hogranch.com>
>
> * tells it to look in /etc/shadow, where I'd expect you would
> find said
> "x" for no login.

I'm confused. My current "/etc/passwd" has "x" in the password field for user "root", and I can log in as root.

The CentOS documentation also says that "x" means "use /etc/shadow":

http://www.centos.org/docs/4/4.5/System_Administration_Guide/s2-redhat-config-users-process.html
http://www.centos.org/docs/4/html/rhel-isa-en-4/s1-acctsgrps-rhlspec.html

--
Matt Seitz
Manager, File System Virtualization
Cisco Systems, Inc.
.:|:.:|:.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Johnny Hughes 06-29-2008 12:31 AM

/etc/passwd.rpmnew changes "x" to "*"
 
Matt Seitz (matseitz) wrote:

From: John R Pierce <pierce@hogranch.com>

* tells it to look in /etc/shadow, where I'd expect you would
find said
"x" for no login.


I'm confused. My current "/etc/passwd" has "x" in the password field for user "root", and I can log in as root.

The CentOS documentation also says that "x" means "use /etc/shadow":

http://www.centos.org/docs/4/4.5/System_Administration_Guide/s2-redhat-config-users-process.html
http://www.centos.org/docs/4/html/rhel-isa-en-4/s1-acctsgrps-rhlspec.html


A "*" means that the user in question can not login.

In this case you DO NOT want to integrate these changes ... as the
default passwd file initially put in etc at system install time (by the
setup rpm) is adjusted to have an "x" (by anaconda) if you are using a
shadow password file (and almost everyone wants to use a shadow password
file). That default passwd.rpmnew file also has NO PASSWD for root ...
BAD :D


If you look in your /etc/shadow file, you will see that all the users
who have a "*" in that "default" passwd.rpmnew file have a "*" instead
in /etc/shadow, so the that same restriction to login is now enforced in
the shadow file (where the system will look if you have shadow passwds
enabled).


This issue was caused in CentOS-4 (a /etc/passwd.rpmnew file) due to an
update to the "setup" rpm in March ... and in this case, you can
remove/ignore that file.


Thanks,
Johnny Hughes


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

"Matt Seitz (matseitz)" 06-30-2008 06:35 PM

/etc/passwd.rpmnew changes "x" to "*"
 
[I forgot to changed the "digest" subject the first time I sent this. Resending with the correct subject.]

> From: Johnny Hughes <johnny@centos.org>
>
> In this case you DO NOT want to integrate these changes
[...]
> This issue was caused in CentOS-4 (a /etc/passwd.rpmnew file)
> due to an
> update to the "setup" rpm in March ... and in this case, you can
> remove/ignore that file.

Thank you for explaining all of this. Is this issue documented somewhere?




--
Matt Seitz
Manager, File System Virtualization
Cisco Systems, Inc.
.:|:.:|:.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Scott Silva 07-01-2008 11:30 PM

/etc/passwd.rpmnew changes "x" to "*"
 
on 6-30-2008 11:35 AM Matt Seitz (matseitz) spake the following:

[I forgot to changed the "digest" subject the first time I sent this. Resending with the correct subject.]


From: Johnny Hughes <johnny@centos.org>

In this case you DO NOT want to integrate these changes

[...]
This issue was caused in CentOS-4 (a /etc/passwd.rpmnew file)
due to an
update to the "setup" rpm in March ... and in this case, you can
remove/ignore that file.


Thank you for explaining all of this. Is this issue documented somewhere?


You just read it, so it IS documented "somewhere". ;-P



--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


All times are GMT. The time now is 01:29 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.