Sarah Jelinek wrote: > Ethan Quach wrote: >> >> >> Sarah Jelinek wrote: >>> Hi Everyone, >>> >>> I tried an AI install in which I set a user name, but no >>> corresponding password for that user in my ai sc manifest. It >>> installed and all and rebooted fine. I wasn't able to log in with >>> that user, with the graphical console anyway, with this >>> combination(user, no password set). Is this supposed to be an >>> allowable combination? >> >> I'm guessing you weren't able to login as root in this case either? >> > No, I couldn't do that either. With a user entry it wouldn't let me > log in as root.
What I suspected. There's code downstream that triggers based on the presence of the login name attribute, and turns root into a role. Was a user with an empty password actually created? i.e. what does /etc/passwd and /etc/shadow have? >> I'm thinking we shouldn't create a user at all if a username was >> provided with no userpass. (with the adequate message in the log) >> > Ok. I am going to test this with text console just to see if it works > there. I am logging info when the user doesn't provide the expected > data. Previously, we were adding a user without a password if that is > what the user specified. oh really? Maybe that is a supported scenario then (per Shawn's scenario?) If this is the case, then shouldn't the user be able to login with a null password, or does it not work like that? If we keep this scenario, then the code downstream which turns root into a role should be triggered off the existence of both, a username and a userpass, not just the username. That code is in libict::ict_set_user_role() -ethan
