Your message dated Mon, 11 May 2009 18:32:16 +0000
with message-id <[email protected]>
and subject line Bug#501869: fixed in shadow 1:4.1.4-1
has caused the Debian Bug report #501869,
regarding passwd(1) stops shadowing if /etc/passwd is edited manually
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
501869: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501869
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: passwd
Version: 1:4.1.1-5
File: /usr/bin/passwd
Please document on the passwd(1) man page or better yet fix somehow:
If a line in /etc/passwd has been changed by hand and not with
passwd(1) or vipw(1), then from then on any users who change their
passwords using passwd(1) will cause their encrypted password to be
visible in /etc/passwd, until the day the administrator runs pwconv(8).
E.g.,
# ed /etc/passwd #e.g. forgot passwd, rescue from grub "rw init=/bin/sh"
/root/s/:x:/::/
w
q
# passwd #then after rebooting and logging in, set a passwd
# grep root /etc/passwd
root:$1$cBD...
P.S., also you might want to mention on the pwck(8) man page that it
doesn't check that shadow information might be sitting exposed in
/etc/passwd. Also warn to not run pwck on /etc/group.
Also you might want to add SEE ALSO pwck(8) to passwd(1) and
shadow(5).
Also add SEE ALSO gshadow(5) to shadow(5). In fact there are lots more
see also connections that should be made between the members of
$(dlocate -man passwd), e.g., pwck<->grpck... Or perhaps give all on
each page...
--- End Message ---
--- Begin Message ---
Source: shadow
Source-Version: 1:4.1.4-1
We believe that the bug you reported is fixed in the latest version of
shadow, which is due to be installed in the Debian FTP archive:
login_4.1.4-1_i386.deb
to pool/main/s/shadow/login_4.1.4-1_i386.deb
passwd_4.1.4-1_i386.deb
to pool/main/s/shadow/passwd_4.1.4-1_i386.deb
shadow_4.1.4-1.diff.gz
to pool/main/s/shadow/shadow_4.1.4-1.diff.gz
shadow_4.1.4-1.dsc
to pool/main/s/shadow/shadow_4.1.4-1.dsc
shadow_4.1.4.orig.tar.gz
to pool/main/s/shadow/shadow_4.1.4.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Nicolas FRANCOIS (Nekral) <[email protected]> (supplier of
updated shadow package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 11 May 2009 00:25:11 +0200
Source: shadow
Binary: passwd login
Architecture: source i386
Version: 1:4.1.4-1
Distribution: unstable
Urgency: low
Maintainer: Shadow package maintainers
<[email protected]>
Changed-By: Nicolas FRANCOIS (Nekral) <[email protected]>
Description:
login - system login tools
passwd - change and administer password and group data
Closes: 501869 524719 524873 525153 525531 525658 525967 527095 527106 527131
527636
Changes:
shadow (1:4.1.4-1) unstable; urgency=low
.
* The "Chambérat" release.
* New upstream release:
- Updated Czech translation. Closes: #525658
- Updated French translation.
- Updated German translation. Closes: #527131
- Updated Japanese translation.
- Updated Korean translation. Closes: #524719
- Updated Portuguese translation. Closes: #525531
- Updated Russian translation. Closes: #527636
- passwd: Report password properties changes if the password is not
actually changed. Closes: #525967
- Fixed lastlog. 4.1.3 only reported empty logs. Closes: #524873
- Remove patches applied upstream:
+ debian/patches/403_fix_PATH-MAX_hurd
- Updated patches:
+ debian/patches/008_login_log_failure_in_FTMP
+ debian/patches/401_cppw_src.dpatch
+ debian/patches/429_login_FAILLOG_ENAB
+ debian/patches/463_login_delay_obeys_to_PAM
- pwck and grpck warn when the shadowed and non-shadowed files contain
an entry for the same user or group and the non shadowed file password
field is not 'x'. Closes: #501869
Other topics raised in this bug were fixed previously.
* debian/securetty.linux: Added Freescale i.MX ports. Closes: #527095
* debian/securetty.linux: Added some local X displays. See LP #104957. But
only a limited set of displays were added.
* debian/rules, debian/passwd.newusers.pam, debian/passwd.chpasswd.pam:
Install the newusers and chpasswd PAM service configuration files.
newusers and chpasswd now use PAM to update the passwords.
Closes: #525153
* debian/login.pam: Updated support for SELinux. Closes: #527106
* debian/control: Standards-Version bumped to 3.8.1. No changes.
* debian/control: Changed gnome-doc-utils dependency to >= 0.4.3 (instead
of >= 0.4.3-1)
* debian/control: Added ${misc:Depends} to the passwd's Depends and login's
Pre-Depends.
Checksums-Sha1:
351f85543759af67c9cdae9b7c073fd538bb1aed 1540 shadow_4.1.4-1.dsc
8838b6fb252fe48bb90ff98277f73e40e7821d40 2758530 shadow_4.1.4.orig.tar.gz
4fc70dc46f827298e79d02e1c9b55cba5be25da4 76293 shadow_4.1.4-1.diff.gz
c4d097998865f90e25ed1f28a1185483b51aed61 961826 passwd_4.1.4-1_i386.deb
1eb59e7c6d5db6d32e88a585a8dd34b5c9f95f32 749854 login_4.1.4-1_i386.deb
Checksums-Sha256:
d21e0c451acb2851895f17ec6ec27aad3e1313c959e0dbf979ce123fd7a00608 1540
shadow_4.1.4-1.dsc
7e38a7826f6e71e89b55669e8343af05ae33ecfba99aad178cad45845d950a93 2758530
shadow_4.1.4.orig.tar.gz
a9b30bcb5e5c9ace9f2ac6f6df05b2e4be8804309f0f6ce52f808129639a04cc 76293
shadow_4.1.4-1.diff.gz
3126d1e0a30e4df07ead5c95295a427ac4ca427a6b279eb9e83fdf260f8c860a 961826
passwd_4.1.4-1_i386.deb
4605f7f82bd61a0a96a9b0562f112a4145667a8f08d6a8d262d4b89750ec3c29 749854
login_4.1.4-1_i386.deb
Files:
c7c450299d249a7927b968da8ae66e56 1540 admin required shadow_4.1.4-1.dsc
e1072df927bfb4410ee4dfe26dd81a17 2758530 admin required
shadow_4.1.4.orig.tar.gz
a916c96549dd9c3428bba790963298f4 76293 admin required shadow_4.1.4-1.diff.gz
76d53ec8fb5cfbe40aa290a20ab3f990 961826 admin required passwd_4.1.4-1_i386.deb
edc70959a46a3b3955aba739ce516658 749854 admin required login_4.1.4-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkoHXkQACgkQWgo5mup89a06FgCdGxsfXWY3hrstMWEDocqnRn7Q
f04An0r1gWv/Be/vS8yZqMxpxA/YiHvC
=Cx5k
-----END PGP SIGNATURE-----
--- End Message ---
