FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 06-28-2008, 05:30 AM
"Matt Seitz (matseitz)"
 
Default /etc/passwd.rpmnew changes "x" to "*"

What would be the effect of changing the password field in "/etc/passwd" from "x" to "*"? I noticed I have an "/etc/passwd.rpmnew" file which changes the password of many service accounts from "x" to "*". I am wondering if I should merge those changes into my "/etc/passwd" file.


--
Matt Seitz
Manager, File System Virtualization
Cisco Systems, Inc.
.:|:.:|:.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-28-2008, 05:41 AM
John R Pierce
 
Default /etc/passwd.rpmnew changes "x" to "*"

Matt Seitz (matseitz) wrote:

What would be the effect of changing the password field in "/etc/passwd" from "x" to "*"? I noticed I have an "/etc/passwd.rpmnew" file which changes the password of many service accounts from "x" to "*". I am wondering if I should merge those changes into my "/etc/passwd" file.



* tells it to look in /etc/shadow, where I'd expect you would find said
"x" for no login.



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-28-2008, 08:40 PM
"Matt Seitz (matseitz)"
 
Default /etc/passwd.rpmnew changes "x" to "*"

> From: John R Pierce <pierce@hogranch.com>
>
> * tells it to look in /etc/shadow, where I'd expect you would
> find said
> "x" for no login.

I'm confused. My current "/etc/passwd" has "x" in the password field for user "root", and I can log in as root.

The CentOS documentation also says that "x" means "use /etc/shadow":

http://www.centos.org/docs/4/4.5/System_Administration_Guide/s2-redhat-config-users-process.html
http://www.centos.org/docs/4/html/rhel-isa-en-4/s1-acctsgrps-rhlspec.html

--
Matt Seitz
Manager, File System Virtualization
Cisco Systems, Inc.
.:|:.:|:.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-29-2008, 12:31 AM
Johnny Hughes
 
Default /etc/passwd.rpmnew changes "x" to "*"

Matt Seitz (matseitz) wrote:

From: John R Pierce <pierce@hogranch.com>

* tells it to look in /etc/shadow, where I'd expect you would
find said
"x" for no login.


I'm confused. My current "/etc/passwd" has "x" in the password field for user "root", and I can log in as root.

The CentOS documentation also says that "x" means "use /etc/shadow":

http://www.centos.org/docs/4/4.5/System_Administration_Guide/s2-redhat-config-users-process.html
http://www.centos.org/docs/4/html/rhel-isa-en-4/s1-acctsgrps-rhlspec.html


A "*" means that the user in question can not login.

In this case you DO NOT want to integrate these changes ... as the
default passwd file initially put in etc at system install time (by the
setup rpm) is adjusted to have an "x" (by anaconda) if you are using a
shadow password file (and almost everyone wants to use a shadow password
file). That default passwd.rpmnew file also has NO PASSWD for root ...
BAD


If you look in your /etc/shadow file, you will see that all the users
who have a "*" in that "default" passwd.rpmnew file have a "*" instead
in /etc/shadow, so the that same restriction to login is now enforced in
the shadow file (where the system will look if you have shadow passwds
enabled).


This issue was caused in CentOS-4 (a /etc/passwd.rpmnew file) due to an
update to the "setup" rpm in March ... and in this case, you can
remove/ignore that file.


Thanks,
Johnny Hughes


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 06-30-2008, 06:35 PM
"Matt Seitz (matseitz)"
 
Default /etc/passwd.rpmnew changes "x" to "*"

[I forgot to changed the "digest" subject the first time I sent this. Resending with the correct subject.]

> From: Johnny Hughes <johnny@centos.org>
>
> In this case you DO NOT want to integrate these changes
[...]
> This issue was caused in CentOS-4 (a /etc/passwd.rpmnew file)
> due to an
> update to the "setup" rpm in March ... and in this case, you can
> remove/ignore that file.

Thank you for explaining all of this. Is this issue documented somewhere?




--
Matt Seitz
Manager, File System Virtualization
Cisco Systems, Inc.
.:|:.:|:.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-01-2008, 11:30 PM
Scott Silva
 
Default /etc/passwd.rpmnew changes "x" to "*"

on 6-30-2008 11:35 AM Matt Seitz (matseitz) spake the following:

[I forgot to changed the "digest" subject the first time I sent this. Resending with the correct subject.]


From: Johnny Hughes <johnny@centos.org>

In this case you DO NOT want to integrate these changes

[...]
This issue was caused in CentOS-4 (a /etc/passwd.rpmnew file)
due to an
update to the "setup" rpm in March ... and in this case, you can
remove/ignore that file.


Thank you for explaining all of this. Is this issue documented somewhere?


You just read it, so it IS documented "somewhere". ;-P



--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 12:57 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org