Bugtraq mailing list archives
Re: Oddities in RH 5.0
From: rasmusin () WPI EDU (Frank Sweetser)
Date: Sun, 28 Dec 1997 14:31:09 -0500
==> Regarding Oddities in RH 5.0; Tres Melton <tres () chaffee net> adds: tres> Please forgive me if this post is not appropriate for either of these tres> two groups since I just joined redhat-list and this is my first post tres> to either redhat or bugtraq (except for a previous plea for help that tres> Aleph One answered on BUGTRAQ). tres> I have Redhat 5.0 (that came with an Applixware update) and have tres> installed it on my system. I have run pwconv to change to shadowed tres> passwords. This is an extremly limited installation (nothing checked tres> on the install options). I have then added only certain packages tres> (some binary and some source). I have installed the shadow-utils and tres> passwd SRPMS as well. tres> If I run "useradd -p pass1 test1" I get the oddest thing in tres> /etc/shadow: tres> test1:pass1:10223:0:99999:7::: This does look like a bug. Try reporting it to bugs () redhat com and hurricane-list () redhat com, that's where such reports should go. tres> /etc/shadow: test2:!:10223:0:99999:7::: /etc/passwd: tres> test2:x:502:502::/home/test:/bin/bash tres> looks cool so far right? Now run "passwd test2" and set the tres> password. Now the entries read like so: tres> /etc/shadow: test2:!:10223:0:99999:7::: /etc/passwd: tres> test2:R0KYaK5ivSnk6:501:501::/home/test2:/bin/bash tres> Seems to me like it updated the wrong file. You need to add the shadow argument to the pam_pwdb.so line in /etc/pam.d/passwd, so it looks something like this: auth required /lib/security/pam_pwdb.so shadow nullok account required /lib/security/pam_pwdb.so password required /lib/security/pam_cracklib.so retry=3 password required /lib/security/pam_pwdb.so shadow use_authtok nullok -- Frank Sweetser rasmusin at wpi.edu fsweetser at blee.net | PGP key available paramount.res.wpi.net RedHat 5.0 Linux 2.0.33 i586 | at public servers Coach: Can I draw you a beer, Norm? Norm: No, I know what they look like. Just pour me one. -- Cheers, No Help Wanted
Current thread:
- Oddities in RH 5.0 Tres Melton (Dec 28)
- Re: Oddities in RH 5.0 Frank Sweetser (Dec 28)
- Re: Oddities in RH 5.0 King O' Fun (Dec 28)
- Re: Oddities in RH 5.0 Chris Bond (Dec 28)
- AIX 4.x Mount S. Ryan Quick (Dec 28)
- Re: AIX 4.x Mount Troy A. Bollinger (Dec 28)
- iPass RoamServer 3.1 Chris A. Epler (Dec 29)
- Apache DoS attack? Micha? Zalewski (Dec 30)
- Re: Apache DoS attack? Mark Lowes (Dec 30)
- Re: Apache DoS attack? Pancrazio DE MAURO (Dec 30)