Bug#394182: [Pkg-shadow-devel] Bug#394182: cppw: copies to /etc/passwd even with -s switch
(not CC'ind Chad as he subscribed to the ML) I've looked at the code (in debian/patches/401_cppw_src.dpatch), and noticed it is checking for the obsolete symbol SHADOWPWD before checking for the -s switch. Since that symbol doesn't exist (The Changelog says it has been removed), it goes ahead and copies the file over /etc/passwd instead of /etc/shadow. My first analysis would be just removing the #ifdef/#endif for SHADOWPWD (and likely SHADOWGRP later). Nicolas, Chad, agreed? signature.asc Description: Digital signature
Bug#394182: cppw: copies to /etc/passwd even with -s switch
My first analysis would be just removing the #ifdef/#endif for SHADOWPWD (and likely SHADOWGRP later). Nicolas, Chad, agreed? Sounds right to me. If I read the notes in the upstream ChangeLog correctly, they state that SHADOWPWD should be assumed to always be true. - This email was sent using TLC WebMail. http://lodgingcompany.com/
Bug#394182: cppw: copies to /etc/passwd even with -s switch
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Package: passwd Version: 1:4.0.18.1-3 Severity: grave Justification: causes data loss Since some time after sarge, the cppw program does not recognize the -s switch. When -s is given, it is supposed to copy the file to /etc/shadow, but instead it copies it to /etc/passwd, effectively disabling ALL logins. I've looked at the code (in debian/patches/401_cppw_src.dpatch), and noticed it is checking for the obsolete symbol SHADOWPWD before checking for the -s switch. Since that symbol doesn't exist (The Changelog says it has been removed), it goes ahead and copies the file over /etc/passwd instead of /etc/shadow. - -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17-2-k7 Locale: LANG=en_CA, LC_CTYPE=en_CA (charmap=ISO-8859-1) Versions of packages passwd depends on: ii debianutils 2.17.3 Miscellaneous utilities specific t ii libc6 2.3.6.ds1-6 GNU C Library: Shared libraries ii libpam-modules 0.79-3.2 Pluggable Authentication Modules f ii libpam0g0.79-3.2 Pluggable Authentication Modules l ii libselinux1 1.30.28-2SELinux shared libraries ii login 1:4.0.18.1-3 system login tools passwd recommends no packages. - -- debconf information: passwd/password-mismatch: passwd/username: passwd/password-empty: passwd/make-user: true passwd/md5: false passwd/title: passwd/user-uid: passwd/shadow: true passwd/username-bad: passwd/user-fullname: - -- C. Chad Wallace, B.Sc. The Lodging Company http://www.skihills.com/ OpenPGP Public Key ID: 0x262208A0 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFOAS6KeSNHCYiCKARAh4ZAJ9gs6b6aACsvZ+DIFYgKUocDKeT2ACghJm+ C20HmFvOGrccYTzlchiGeKs= =GRyE -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394182: [Pkg-shadow-devel] Bug#394182: cppw: copies to /etc/passwd even with -s switch
Quoting C. Chad Wallace ([EMAIL PROTECTED]): -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Package: passwd Version: 1:4.0.18.1-3 Severity: grave Justification: causes data loss Since some time after sarge, the cppw program does not recognize the -s switch. When -s is given, it is supposed to copy the file to /etc/shadow, but instead it copies it to /etc/passwd, effectively disabling ALL logins. I've looked at the code (in debian/patches/401_cppw_src.dpatch), and noticed it is checking for the obsolete symbol SHADOWPWD before checking for the -s switch. Since that symbol doesn't exist (The Changelog says it has been removed), it goes ahead and copies the file over /etc/passwd instead of /etc/shadow. Thank you for your detailed and extensive bug report. We will of course discuss it with Nicolas François who co-maintains the package and I have no doubt that a quick solution will be found within a few days. signature.asc Description: Digital signature
