Re: [gentoo-user] Users in passwd/shadow

public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed

From: Dan Farrell <dan@spore.ath.cx>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Users in passwd/shadow
Date: Mon, 1 Oct 2007 16:37:00 -0500	[thread overview]
Message-ID: <20071001163700.141e3938@pascal.spore.ath.cx> (raw)
In-Reply-To: <20071001074737.GA9312@bart.simpsons.bs.loc>

On Mon, 1 Oct 2007 09:47:37 +0200
Bertram Scharpf <lists@bertram-scharpf.de> wrote:

> Hi,
> 
> Am Sonntag, 30. Sep 2007, 20:15:06 -0500 schrieb Dan Farrell:
> > On Sun, 30 Sep 2007 04:30:11 +0200
> > Bertram Scharpf <lists@bertram-scharpf.de> wrote:
> > > Now I detect there are users in passwd that don't have a
> > > shadow entry...
> > that makes sense, because some users aren't allowed to log in.  For
> > example: 
> > |  man:x:13:15:man:/usr/share/man:/bin/false
> > the man user can't log in.  the shell is /bin/false.  
> 
> I detected it because there is a warning message in case
> there is _no_ shadow entry. Instantiating an _empty_ shadow
> entry makes it disappear:
> 
>   myhost ~ # su - man
>   su: Authentication service cannot retrieve authentication
>   info.
>   (Ignored)
>   myhost ~ # su - portage
>   su: Authentication service cannot retrieve authentication
>   info.
>   (Ignored)
>   myhost ~ # vi /etc/shadow
>   myhost ~ # grep portage /etc/shadow
>   portage:!:13784:0:99999:7:::
>   myhost ~ # su - portage
>   myhost ~ # echo $?
>   1
>   myhost ~ #                    
> 
> 
> Bertram
> 
> 
You cannot 'su' to that user because they don't have authentication
info.  In other words, a missing password is not the same as an empty
password.  

I wonder if you could run a program as a particular user if they only
had authentication info in shadow?  I am guessing not, since they
wouldn't have an associated uid, group, and so on.  But, if possible,
it would explain the situation.
-- 
gentoo-user@gentoo.org mailing list

     prev parent reply	other threads:[~2007-10-01 21:52 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-09-30  2:30 [gentoo-user] Users in passwd/shadow Bertram Scharpf
2007-10-01  1:15 ` Dan Farrell
2007-10-01  7:47   ` Bertram Scharpf
2007-10-01 21:37     ` Dan Farrell [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20071001163700.141e3938@pascal.spore.ath.cx \
    --to=dan@spore.ath.cx \
    --cc=gentoo-user@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox