LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices



Reply
 
Search this Thread
Old 06-27-2012, 05:38 AM   #1
NoStressHQ
Member
 
Registered: Apr 2010
Location: Lausanne - Switzerland ( Bordeaux - France / Montreal - QC - Canada)
Distribution: Slackware Leet - 32/64bit
Posts: 317

Rep: Reputation: 109Reputation: 109
Question password hashes are (wrongly) stored in /etc/passwd


Hi all,

I just realized than our /etc/passwd file holds the hash of passwords of freshly changed password users.

What I mean is usually the /etc/passwd file holds lines like:
jsmith:x:blabla....

But now I have some users having:
jsmith:#SOMEHASHVALUE#:blabla...

... It's the first time that I see the password in this place. Since 94 I've always been told that "now" passwords where stored in the '/etc/shadow' file, and that's what I've always observed since then.

We checked /etc/login.defs but couldn't find anything pointing us to an explaination.

So does anybody knows how to change this behavior ? (And so set back to the normal 'password shadowing')..

Thanks!

Garry.

Edit: sorry, it's obvious and doesn't change the problem but I'm running Slack64 13.37 (up to date)...

Last edited by NoStressHQ; 06-27-2012 at 07:25 AM.
 
Old 06-27-2012, 08:23 AM   #2
tronayne
Senior Member
 
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,122

Rep: Reputation: 819Reputation: 819Reputation: 819Reputation: 819Reputation: 819Reputation: 819Reputation: 819
I had this happen some time ago (like, years).

What I was doing was copying user home directories from another machine and made a mess of it.

If I remember correctly, I was fooling around and added two user accounts to /etc/passwd manually (with vi); i.e., I copy-pasted a line from the file, changed the login name, changed the UID and saved it. I did this manually rather than using passwd as root so there was no entry in /etc/shadow and, when I did use passwd, the hashed password was written into /etc/passwd (and still no entry in /etc/shadow if I remember right.

I think -- think! -- the fix was to remove both lines from /etc/passwd then create them again with passwd; first renaming the home directories to user.bak (because passwd wants to create the home directory). When the /etc/passwd and /etc/shadow entries had been created I simply removed the new home directory and renames the "bak" directory to the proper user name, and did
Code:
chown -R user.group /home/user
for each user name and all was well that ended.

I seem to remember that I tried manually adding entries to /etc/shadow that didn't help but I can't be sure about that.

And I never did that dumbass thing again -- whatever you did and however you did it may vary, eh?

Hope this helps some.

Last edited by tronayne; 06-27-2012 at 08:26 AM.
 
1 members found this post helpful.
Old 06-27-2012, 08:46 AM   #3
NoStressHQ
Member
 
Registered: Apr 2010
Location: Lausanne - Switzerland ( Bordeaux - France / Montreal - QC - Canada)
Distribution: Slackware Leet - 32/64bit
Posts: 317

Original Poster
Rep: Reputation: 109Reputation: 109
Quote:
Originally Posted by tronayne View Post
I had this happen some time ago (like, years).

What I was doing was copying user home directories from another machine and made a mess of it.
Hi tronayne,

Many thanx ! I haven't checked yet but it might be that I did the changes myself, that makes a lot of sense .
I'm impressed how you remember the issue and solution from a problem so improbable !
I'll try to see if I can (pre-)modify the /etc/shadow file myself before overriding the password again with a final 'passwd'...
And that reminds me that on debian or so, you can't modify those files by hand without a warning and you need to use a special "vi-based" script that does all those things safely.
Anyway, I should have use the 'useradd' script, but I wanted "non interactive" user addition.

Thanks again!

Cheers,

Garry.
 
Old 06-27-2012, 08:59 AM   #4
GazL
Senior Member
 
Registered: May 2008
Posts: 3,503

Rep: Reputation: 1027Reputation: 1027Reputation: 1027Reputation: 1027Reputation: 1027Reputation: 1027Reputation: 1027Reputation: 1027
Really have no idea how you've ended up in this situation but pwck, pwconv commands might help you clean things up (remember to take a backup of your passwd and shadow files though just in case something goes wrong).


Also, you may find the newusers command of interest.
 
Old 06-27-2012, 09:03 AM   #5
NoStressHQ
Member
 
Registered: Apr 2010
Location: Lausanne - Switzerland ( Bordeaux - France / Montreal - QC - Canada)
Distribution: Slackware Leet - 32/64bit
Posts: 317

Original Poster
Rep: Reputation: 109Reputation: 109
Yeah I knew for the 'useradd' (or 'adduser' I never remember which way it is ).
I end up there because I need to know the internals in order to develop tools for easy deployment and team installs... Yeah hacking time... Isn't it one of the reason why Slackware is THE distro of (our) choice ?

Cheers.
 
Old 06-27-2012, 09:13 AM   #6
jamesf
Member
 
Registered: Dec 2004
Location: USA
Distribution: Slackware 12 and higher
Posts: 229

Rep: Reputation: 51
Actually, there's both useradd and adduser. IIRC, using useradd you can give options for everything from the command line, making it totally scriptable.

They're both installed by the 'shadow' package, BTW.
 
1 members found this post helpful.
Old 06-27-2012, 10:48 AM   #7
NoStressHQ
Member
 
Registered: Apr 2010
Location: Lausanne - Switzerland ( Bordeaux - France / Montreal - QC - Canada)
Distribution: Slackware Leet - 32/64bit
Posts: 317

Original Poster
Rep: Reputation: 109Reputation: 109
Quote:
Originally Posted by jamesf View Post
They're both installed by the 'shadow' package, BTW.
Thank you for this information.

Cheers
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
shadow password hashes themanwhowas Linux - Security 2 04-26-2011 01:32 PM
passwd prompts for new password only once when a short password is entered powah Linux - Security 0 09-19-2007 05:20 PM
Where's kmail password stored ? carcassonne Linux - Software 2 03-12-2007 07:47 AM
(!) can a root password be stored on server database? leduytien Linux - Software 3 10-28-2004 05:10 PM
website username/password cookies - where are they stored? coolamit78 Linux - Software 1 01-27-2004 02:47 PM


All times are GMT -5. The time now is 04:38 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration