Your message dated Fri, 4 Dec 2015 19:44:32 +0100
with message-id <[email protected]>
and subject line sulogin locked passwords correctly handled in util-linux
has caused the Debian Bug report #595046,
regarding sulogin: Check for locked root password is wrong
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
595046: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595046
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: sysvinit-utils
Version: 2.88dsf-12
Severity: normal
sysvinit includes a patch, 91_sulogin_lockedpw.dpatch, which is intended
to make sulogin skip asking for the root password when the root password
is locked (via passwd -l). This patch was taken from Ubuntu, where the
root password is locked by default. However the patch does not work
correctly if the root password was ever set, meaning it is sometimes
broken in Ubuntu and pretty much always broken in Debian. It relies on
the encrypted password being exactly "!", but locking a password only
prepends "!" to the existing encrypted password, it does not replace it.
The Ubuntu bug is:
https://bugs.launchpad.net/ubuntu/+source/sysvinit/+bug/268271
The Debian bug that included the patch is:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326678
It looks like it should be rather easy to replace, e.g.:
strcmp(pwd.pw_passwd, "!") == 0
with
pwd.pw_passwd[0] == '!'
Though perhaps a more general check for invalid passwords is warranted.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (990, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages sysvinit-utils depends on:
ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib
ii libselinux1 2.0.96-1 SELinux runtime shared libraries
sysvinit-utils recommends no packages.
Versions of packages sysvinit-utils suggests:
pn sash <none> (no description available)
-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 2.88dsf-59.2
Hello!
Closing this bug as I know uti-linux (which now ships sulogin instead of
sysvinit) correctly handles this.
Regards,
Andreas Henriksson
--- End Message ---
_______________________________________________
Pkg-sysvinit-devel mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-sysvinit-devel
