In adduser in coreutils, the behavior of --disabled-password sets the
users hash in /etc/shadow to a single asterisk. It looks like busybox
adduser '-D' option is supposed to be analogous to the behavior of
coreutils '--disabled-password'.
loginutils/adduser.c:171 @ bd8b05ba1
` "disabled-password\0" No_argument "D"
However, as it stands, busybox's adduser '-D' will set the hash to denote
the account is locked. I think because of this issue, and the
function/assumptions
that can be drawn from an account being locked, the default hash should be
an
asterisk.
--
diff --git a/loginutils/adduser.c b/loginutils/adduser.c
index d3c795afa..c3929ad20 100644
--- a/loginutils/adduser.c
+++ b/loginutils/adduser.c
@@ -263,7 +263,7 @@ int adduser_main(int argc UNUSED_PARAM, char **argv)
* 8. unix date when login expires (i.e. when it may no longer be
used)
*/
/* fields: 2 3 4 5 6 78 */
- p = xasprintf("!:%u:0:99999:7:::", (unsigned)(time(NULL)) /
(24*60*60));
+ p = xasprintf("*:%u:0:99999:7:::", (unsigned)(time(NULL)) /
(24*60*60));
/* ignore errors: if file is missing we suppose admin doesn't want
it */
update_passwd(bb_path_shadow_file, pw.pw_name, p, NULL);
if (ENABLE_FEATURE_CLEAN_UP)
--
Thanks,
Donovan Keohane
_______________________________________________
busybox mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/busybox
