-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Package: passwd Version: 1:4.0.18.1-3 Severity: grave Justification: causes data loss
Since some time after sarge, the cppw program does not recognize the -s switch. When -s is given, it is supposed to copy the file to /etc/shadow, but instead it copies it to /etc/passwd, effectively disabling ALL logins. I've looked at the code (in debian/patches/401_cppw_src.dpatch), and noticed it is checking for the obsolete symbol SHADOWPWD before checking for the -s switch. Since that symbol doesn't exist (The Changelog says it has been removed), it goes ahead and copies the file over /etc/passwd instead of /etc/shadow. - -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17-2-k7 Locale: LANG=en_CA, LC_CTYPE=en_CA (charmap=ISO-8859-1) Versions of packages passwd depends on: ii debianutils 2.17.3 Miscellaneous utilities specific t ii libc6 2.3.6.ds1-6 GNU C Library: Shared libraries ii libpam-modules 0.79-3.2 Pluggable Authentication Modules f ii libpam0g 0.79-3.2 Pluggable Authentication Modules l ii libselinux1 1.30.28-2 SELinux shared libraries ii login 1:4.0.18.1-3 system login tools passwd recommends no packages. - -- debconf information: passwd/password-mismatch: passwd/username: passwd/password-empty: passwd/make-user: true passwd/md5: false passwd/title: passwd/user-uid: passwd/shadow: true passwd/username-bad: passwd/user-fullname: - -- C. Chad Wallace, B.Sc. The Lodging Company http://www.skihills.com/ OpenPGP Public Key ID: 0x262208A0 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFOAS6KeSNHCYiCKARAh4ZAJ9gs6b6aACsvZ+DIFYgKUocDKeT2ACghJm+ C20HmFvOGrccYTzlchiGeKs= =GRyE -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
