[Adduser-devel] Bug#327144: adduser: calls chage even when shadow passwords aren't being used

Marc Haber mh+debian-packages at zugschlus.de
Thu Sep 8 17:02:35 UTC 2005


tags #327144 confirmed
retitle #327144 shadow >= 1:4.0.3-37 needed for systems without shadow passwords
thanks

adduser 3.64 introduced code which uses chage to override forced
password changes for system accounts (see #298883).

This code unfortunately fails on systems that don't have shadow
passwords enabled since on non-shadow system no password aging is
possible.

To avoid having to ignore _all_ errors returned by chage, shadow
1:4.0.3-37 up to 1:4.0.11.1-1 had chage return 3 on non-shadow
systems. adduser 3.65 ignores return code 3 from chage, emitting a
warning only.

adduser 3.65 and up, combined with passwd << 1:4.0.3-37 do not support
non-shadow systems.

adduser 3.67.0 will force a reasonably recent passwd version to make
this clear. For older adduser versions, people will have package
installations fail, but will hopefully find this bug report in the BTS.

Unfortunately, shadow upstream decided to change chage's "no shadow
passwords" return code from 3 to 15. The adduser maintaines tried to
avoid this by coordinating with the shadow people, but they decided to
change the return code again nevertheless.

A later version of adduser will thus depend on passwd >= 1:4.0.12 to
synchronize the chage return code with is ignored with passwd.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835




More information about the Adduser-devel mailing list