Re: [suse-security] Making shadow passwords compulsory

[Dirk Schreiner <dirk.schreiner@xxxxxxx>]

Hi,

now see, this is the default how passwd works under
Linux. (Not only SuSE ;-))
If you want to restrict use of passwd to certain users,
you should play with chmod and chown.
Not with the files.

Greetings
       Dirk


Michael.James@xxxxxxxx schrieb:
> Suse's "passwd" utility has a bit of undesired behaviour.
>
> Most of my users don't have entries in shadow,
>  they depend on pam_krb5 for authentication.
>
> So /etc/shadow is very short,
>  it only has lines for root and a few sysadmins.
>
> I want for everyone else (system accounts like FTP and regular users)
>  to be denied even the possibility of a locally stored password.
>
> Now in the past (under solaris) passwd would grumble and fail
>  unless that username already had a line present in shadow.
>
> THIS passwd just bungs the encrypted string into /etc/passwd! Argh!
> Nobody ever wants to go back to un-shadowed passwords.
> How can I turn off this unwantedly obliging behaviour?
>
> TIA,
> michaelj


--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here