On Wed, Jan 07, 2026 at 11:31:38AM +0100, Marc Haber wrote:
> On Wed, Jan 07, 2026 at 11:18:49AM +0100, Chris Hofstaedtler wrote:
> > I'm kinda onboard with rejecting things that are not actual hashes,
> > because that would seem consistent to me with what chpasswd is
> > supposed to do.
>
> Then the documentation should be adapted. That is a rather fundamental
> change in unix semantics, I have seen that way to lock accounts all over all
> places.
Don't get me wrong... in /etc/shadow directly: sure.
But in the input to chpasswd? That seems a bit weird to me?
chpasswd(8) says
-e, --encrypted
Supplied passwords are in encrypted form.
... which doesn't say much :-)
But I don't have a strong opinion either way.
Chris
