Happy Hogmanay/New Year/etc..., My rc.firsttime script highlighted a change on 6.0's usermod:
<root@oak:tmp 0># fgrep operator /etc/master.passwd operator:*:2:5::0:0:System &:/operator:/sbin/nologin <root@oak:tmp 0># usermod -L daemon -p '*************' -s /bin/ksh operator usermod: Invalid password: `*' <root@oak:tmp 0> (1) # uname -a OpenBSD oak.britvault.co.uk 6.0 GENERIC#1917 i386 <root@oak:tmp 0># pkg_info -I passwdqc passwdqc-1.3.0p1 complexity checker for passwd(1) and password generator Could this be related to commit 112 of user.c? Remove the encrypted password length check. The admin should be able to put whatever they like in the encrypted password field, regardless of whether it can be matched or not. Having this check just makes it harder to add new encrypted password functions. This also fixes "usermode -Z" which was the impetus for the change. http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/user/user.c.diff?r1=1.111&r2=1.112&f=h Or do I need to do it differently now? Cheers, -- Craig Skinner | http://linkd.in/yGqkv7
