Issue 35 in nsscache: When creating shadow the password field in passwd should be set to x
27 views
Skip to first unread message
nssc...@googlecode.com
Sep 7, 2014, 7:30:33 AM9/7/14
to nsscache...@googlegroups.com
Status: New
Owner: ----
Labels: Type-Defect Priority-Medium
New issue 35 by glanzm...@gmail.com: When creating shadow the password
field in passwd should be set to x
https://code.google.com/p/nsscache/issues/detail?id=35
What steps will reproduce the problem?
1. /etc/nsscache.conf
[DEFAULT]
source = ldap
cache = files
maps = passwd, group, shadow, sshkey
timestamp_dir = /var/lib/nsscache
ldap_uri = ldap://ldap1
ldap_base = dc=domain,dc=de
ldap_filter = (objectclass=posixAccount)
ldap_bind_dn = "cn=Manager,dc=domain,dc=de"
ldap_bind_password = "password"
nssdb_dir = /var/lib/misc
files_dir = /etc
files_cache_filename_suffix = cache
[passwd]
ldap_base = ou=People,dc=domain,dc=de
[group]
ldap_base = ou=Groups,dc=domain,dc=de
ldap_filter = (objectclass=posixGroup)
[shadow]
ldap_base = ou=People,dc=domain,dc=de
ldap_filter = (objectclass=shadowAccount)
[sshkey]
ldap_base = ou=People,dc=domain,dc=de
ldap_filter = (objectclass=ldapPublicKey)
2. Run nsscache update -f
What is the expected output? What do you see instead?
Expected:
(mm1) [~] getent passwd thglanzm
thglanzm:x:10074:10074:Thomas Glanzmann:/home/thglanzm:/bin/bash
Instead:
(mm1) [~] getent passwd thglanzm
thglanzm:*:10074:10074:Thomas Glanzmann:/home/thglanzm:/bin/bash
What version of the product are you using? On what operating system?
The issue happens only with git head, but not with the last release
because there the passwd password field was hard coded to 'x'. But that has
changed.
Please provide any additional information below.
I wrote a small patch which sets the password field in the passwd to 'x'
with a userPassword exists and begins with {crypt}
Attachments:
0001-Set-the-password-field-of-passwd-to-x-if-userPasswor.patch 1.7 KB
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings
Owner: ----
Labels: Type-Defect Priority-Medium
New issue 35 by glanzm...@gmail.com: When creating shadow the password
field in passwd should be set to x
https://code.google.com/p/nsscache/issues/detail?id=35
What steps will reproduce the problem?
1. /etc/nsscache.conf
[DEFAULT]
source = ldap
cache = files
maps = passwd, group, shadow, sshkey
timestamp_dir = /var/lib/nsscache
ldap_uri = ldap://ldap1
ldap_base = dc=domain,dc=de
ldap_filter = (objectclass=posixAccount)
ldap_bind_dn = "cn=Manager,dc=domain,dc=de"
ldap_bind_password = "password"
nssdb_dir = /var/lib/misc
files_dir = /etc
files_cache_filename_suffix = cache
[passwd]
ldap_base = ou=People,dc=domain,dc=de
[group]
ldap_base = ou=Groups,dc=domain,dc=de
ldap_filter = (objectclass=posixGroup)
[shadow]
ldap_base = ou=People,dc=domain,dc=de
ldap_filter = (objectclass=shadowAccount)
[sshkey]
ldap_base = ou=People,dc=domain,dc=de
ldap_filter = (objectclass=ldapPublicKey)
2. Run nsscache update -f
What is the expected output? What do you see instead?
Expected:
(mm1) [~] getent passwd thglanzm
thglanzm:x:10074:10074:Thomas Glanzmann:/home/thglanzm:/bin/bash
Instead:
(mm1) [~] getent passwd thglanzm
thglanzm:*:10074:10074:Thomas Glanzmann:/home/thglanzm:/bin/bash
What version of the product are you using? On what operating system?
The issue happens only with git head, but not with the last release
because there the passwd password field was hard coded to 'x'. But that has
changed.
Please provide any additional information below.
I wrote a small patch which sets the password field in the passwd to 'x'
with a userPassword exists and begins with {crypt}
Attachments:
0001-Set-the-password-field-of-passwd-to-x-if-userPasswor.patch 1.7 KB
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings
nssc...@googlecode.com
Sep 8, 2014, 12:32:49 AM9/8/14
to nsscache...@googlegroups.com
Comment #1 on issue 35 by binanh.a...@gmail.com: When creating shadow the
Hello
Can you please help me re-produce how to sync passwd & shadow.
I have problem when run
$nsscache update --full
ERROR:Update:Source map empty during full update, aborting. Use
--force-write to override.
ERROR:Update:Source map empty during full update, aborting. Use
--force-write to override.
$ls -l /var/lib/misc
-rw-r--r-- 1 root root 208896 Sep 8 06:27 group.db
-rw-r--r-- 1 root root 4713 Feb 21 2014 Makefile
It 's confirmed that passwd & shadown was synced.
My configuration
[passwd]
ldap_base = ou=Users,dc=lala,dc=haha
[group]
ldap_base = ou=Groups,dc=lala,dc=haha
ldap_filter = (objectclass=posixGroup)
[shadow]
ldap_base = ou=Users,dc=lala,dc=haha
ldap_filter = (objectclass=posixAccount)
Thank you & Sorry for asking by this way
nssc...@googlecode.com
Oct 20, 2014, 12:36:21 AM10/20/14
to nsscache...@googlegroups.com
Updates:
Status: Accepted
Owner: j...@spacepants.org
Comment #2 on issue 35 by j...@spacepants.org: When creating shadow the
I see, that is incorrect -- an asterisk in the password field is an
indicator to login(1) that the accont may not log in on the console.
An 'x' should be used to indicate shadow password storage.
Status: Accepted
Owner: j...@spacepants.org
Comment #2 on issue 35 by j...@spacepants.org: When creating shadow the
I see, that is incorrect -- an asterisk in the password field is an
indicator to login(1) that the accont may not log in on the console.
An 'x' should be used to indicate shadow password storage.
nssc...@googlecode.com
Oct 20, 2014, 12:55:17 AM10/20/14
to nsscache...@googlegroups.com
Updates:
Status: Fixed
Comment #3 on issue 35 by j...@spacepants.org: When creating shadow the
Fixed in github master.
Status: Fixed
Comment #3 on issue 35 by j...@spacepants.org: When creating shadow the
Fixed in github master.
Reply all
Reply to author
Forward
0 new messages