[Adduser-devel] Bug#625758: 'adduser --disabled-login' does not behave as documented.
Sam Morris
sam at robots.org.uk
Fri Jul 26 10:35:12 UTC 2013
tag 625758 + patch
thanks
With --disabled-password, the password field is set to '!'; with
--disabled-login, it is set to '*'. pam_unix checks for both in
verify_pw_hash:
} else if (!p || *hash == '*' || *hash == '!') {
retval = PAM_AUTH_ERR;
Therefore I don't see the use of having both options, unless some other
software cares about the difference between the two values,
On the assumption that there is no such other software, here is an patch
to note that --disabled-login doesn't do anything that
--disabled-password can't.
I've also changed a few stray '-' characters to '\-'.
--
Sam Morris <https://robots.org.uk/>
3412 EA18 1277 354B 991B C869 B219 7FDB 5EA0 1078
-------------- next part --------------
A non-text attachment was scrubbed...
Name: adduser-disabled-login.patch
Type: text/x-patch
Size: 2848 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/adduser-devel/attachments/20130726/3b70edad/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/adduser-devel/attachments/20130726/3b70edad/attachment.sig>
More information about the Adduser-devel
mailing list