John bug: deletion of /etc/shadow

Bug #13242 reported by Debian Bug Importer
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| john (Debian) | Fix Released | Unknown | | |
| john (Ubuntu) | Fix Released | Medium | Matt Zimmerman | |

Bug Description

Automatically imported from Debian bug report #296766 http://bugs.debian.org/296766

Revision history for this message
In , test (trichet-olivier) wrote : John: deletion of /etc/shadow [was Re: Bug John, suppression de /etc/shadow]

> Package: John
>
> Apres une mise a jour du package John il y a environ 4 jours,
> mon /etc/shadow etait supprime toutes les nuits.
> John etait dans la cron afin de verifier toutes les nuits
> les mots de passes des utilisateurs, et lors de son demarrage,
> il supprimais directement les fichiers /etc/shadow* et quittais.
>
After an update of john's package 4 days ago, my /etc/shadow file was
deleted each night. John was in the cron in order to check users'
password each night, but on startup it deleted all /etc/shadow* file and
exited.

> Mon fichier de conf :
my configuration file:

> #cat /etc/john/john-mail.conf
>
> # These are the shells that should be ignored by john. If you
> # install falselogin, for example, you may want to add it to
> # the list.
> shells=-,/bin/false,/dev/null,/bin/sync
>
> # This is the mail command. You may actually use any program
> # here; the message in /etc/john.msg will be piped into it,
> # with the login name and host name substituted.
> # You may want to use a program to log information about
> # weak passwords (but that means sensitive information would be
> # kept somewhere - be careful!)
> mailcmd=/usr/sbin/sendmail
>
> # This is the passfile, which defines a temporary file that contains
> # the content of /etc/passwd and /etc/shadow while the cronjob is run.
> # Since this file contains sensible data, no default is provided and
> # you need to specify a file name to be used."
> passfile=/etc/shadow
>
> Un # de la derniere ligne a reussit a supprimer le probleme.
> Le package est desinstalle.

Commenting out the last line solved the problem.
The package is removed.
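
An added example, not part of the original thread and not code from the john package: a pre-flight check that a wrapper could run before the nightly job, rejecting a `passfile` value like the one in the report above. The function names, the list of protected paths and the must-not-already-exist rule are assumptions of this example.

```sh
#!/bin/sh
# Added example (not code from the john package): refuse to start a
# password-audit cron job when "passfile" names anything other than a
# fresh scratch file.

# Print the value of the last active (uncommented) passfile= line.
get_passfile() {
    sed -n 's/^[[:space:]]*passfile=//p' "$1" | tail -n 1
}

# Return 0 if $1 is usable as a scratch file; otherwise print the
# reason on stderr and return 1.
check_passfile() {
    pf=$1
    case $pf in
        "") echo "passfile is not set" >&2; return 1 ;;
        /*) ;;
        *)  echo "passfile must be an absolute path: $pf" >&2; return 1 ;;
    esac
    # Canonicalise so symlinks and ".." cannot hide the real target
    # (readlink -m is GNU coreutils; fall back to the literal path).
    real=$(readlink -m -- "$pf" 2>/dev/null) || real=$pf
    case $real in
        /etc/passwd*|/etc/shadow*|/etc/group*|/etc/gshadow*)
            echo "passfile is a system account file: $real" >&2
            return 1 ;;
    esac
    # The config comment describes passfile as a temporary file for the
    # cron run, and the reporter saw it deleted, so anything already at
    # that path must be treated as at risk.
    if [ -e "$real" ] || [ -L "$pf" ]; then
        echo "passfile already exists: $real" >&2
        return 1
    fi
    return 0
}

# Validate a whole config file (path supplied by the caller).
validate_conf() {
    check_passfile "$(get_passfile "$1")"
}
```

A wrapper would call `validate_conf /etc/john/john-mail.conf` and exit non-zero before starting the job if the check fails.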

Revision history for this message
In , Guilherme de S. Pastore (fatalerror) wrote : severity of 296766 is critical

# Automatically generated email from bts, devscripts version 2.8.10
severity 296766 critical

Revision history for this message
In , Guilherme de S. Pastore (fatalerror) wrote : tagging 296766

# Automatically generated email from bts, devscripts version 2.8.10
tags 296766 pending

Revision history for this message
In , Guilherme de S. Pastore (fatalerror) wrote : retitle 296766 to john: should be clearer on the explanation of passfile directive

# Automatically generated email from bts, devscripts version 2.8.10
retitle 296766 john: should be clearer on the explanation of passfile directive

Revision history for this message
In , Guilherme de S. Pastore (fatalerror) wrote : severity of 296766 is important

# Automatically generated email from bts, devscripts version 2.8.10
severity 296766 important

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Automatically imported from Debian bug report #296766 http://bugs.debian.org/296766

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Thu, 24 Feb 2005 15:35:07 +0100
From: Yoann <email address hidden>
To: <email address hidden>
Subject: Bug John, suppression de /etc/shadow

Package: John

After an update of the John package about 4 days ago,
my /etc/shadow was deleted every night.
John was in cron to check the users' passwords every night,
and on startup it immediately deleted the /etc/shadow* files
and exited.

My configuration file:
#cat /etc/john/john-mail.conf

    # These are the shells that should be ignored by john. If you
    # install falselogin, for example, you may want to add it to
    # the list.
    shells=-,/bin/false,/dev/null,/bin/sync

    # This is the mail command. You may actually use any program
    # here; the message in /etc/john.msg will be piped into it,
    # with the login name and host name substituted.
    # You may want to use a program to log information about
    # weak passwords (but that means sensitive information would be
    # kept somewhere - be careful!)
    mailcmd=/usr/sbin/sendmail

    # This is the passfile, which defines a temporary file that contains
    # the content of /etc/passwd and /etc/shadow while the cronjob is run.
    # Since this file contains sensible data, no default is provided and
    # you need to specify a file name to be used."
    passfile=/etc/shadow

Putting a # on the last line got rid of the problem.
The package has been uninstalled.

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <email address hidden>
Date: Thu, 24 Feb 2005 16:50:20 +0100
From: Olivier Trichet <email address hidden>
To: <email address hidden>
Subject: John: deletion of /etc/shadow [was Re: Bug John, suppression de /etc/shadow]


Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <E1D4LaA-0001tY-8y@localhost>
Date: Thu, 24 Feb 2005 13:11:18 -0300
From: Guilherme de S. Pastore <email address hidden>
To: <email address hidden>
Subject: severity of 296766 is critical

# Automatically generated email from bts, devscripts version 2.8.10
severity 296766 critical

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <E1D4LaN-0001te-5k@localhost>
Date: Thu, 24 Feb 2005 13:11:31 -0300
From: Guilherme de S. Pastore <email address hidden>
To: <email address hidden>
Subject: tagging 296766

# Automatically generated email from bts, devscripts version 2.8.10
tags 296766 pending

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <E1D4LrH-0002Kc-FL@localhost>
Date: Thu, 24 Feb 2005 13:28:59 -0300
From: Guilherme de S. Pastore <email address hidden>
To: <email address hidden>
Subject: retitle 296766 to john: should be clearer on the explanation of passfile directive

# Automatically generated email from bts, devscripts version 2.8.10
retitle 296766 john: should be clearer on the explanation of passfile directive

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <E1D4Lzt-0002Mg-3I@localhost>
Date: Thu, 24 Feb 2005 13:37:53 -0300
From: Guilherme de S. Pastore <email address hidden>
To: <email address hidden>
Subject: severity of 296766 is important

# Automatically generated email from bts, devscripts version 2.8.10
severity 296766 important

Revision history for this message
In , Guilherme de S. Pastore (fatalerror) wrote : tagging 296766, severity of 296766 is minor

# Automatically generated email from bts, devscripts version 2.8.14
tags 296766 - pending
severity 296766 minor

Revision history for this message
In , Guilherme de S. Pastore (fatalerror) wrote : john

tag 296766 pending

--
Guilherme de S. Pastore (fatalerror)
<email address hidden>

Revision history for this message
In , Guilherme de S. Pastore (fatalerror) wrote : Bug#296766: fixed in john 1.6-35

Source: john
Source-Version: 1.6-35

We believe that the bug you reported is fixed in the latest version of
john, which is due to be installed in the Debian FTP archive:

john_1.6-35.diff.gz
  to pool/main/j/john/john_1.6-35.diff.gz
john_1.6-35.dsc
  to pool/main/j/john/john_1.6-35.dsc
john_1.6-35_i386.deb
  to pool/main/j/john/john_1.6-35_i386.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guilherme de S. Pastore <email address hidden> (supplier of updated john package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 30 Jul 2005 12:20:02 -0300
Source: john
Binary: john
Architecture: source i386
Version: 1.6-35
Distribution: unstable
Urgency: low
Maintainer: Guilherme de S. Pastore <email address hidden>
Changed-By: Guilherme de S. Pastore <email address hidden>
Description:
 john - active password cracking tool
Closes: 296766 314258
Changes:
 john (1.6-35) unstable; urgency=low
 .
   * Moved john-any and john-mmx to /usr/lib/john on i386, as the user
     is not supposed (and won't be able) to run them directly
   * Fix stupid usage of debian/john.install that broke a couple of things
     in -34 (not uploaded to Debian, at least)
   * debian/extra/john-mail.conf:
     - Make it clear(er) that one shouldn't put the path to the system
       password file in the passfile directive (Closes: #296766)
 .
 john (1.6-34) unstable; urgency=low
 .
   * debian/control:
     - Rewrote both short and long description
     - Updated Standards-Version to 3.6.2 with no changes
     - Christian Kurz is really MIA, as he stated he would be. Removed
       him from Uploaders. Thanks for the great work!
   * debian/docs:
     - Move installation of doc/NEWS to john.install, so we don't have to
       manually rename it in debian/rules
   * debian/examples:
     - Removed run/john.ini from the list, it's the configuration file
   * debian/po:
     - de.po, es.po: unfuzzied header
     - pt_BR.po: converted from ISO-8859-1 to UTF-8
     - vi.po: added Vietnamese translation from Clytie Siddall (Closes: #314258)
   * debian/rules:
     - General cleanups
     - Don't strip files manually: dh_strip handles this
     - Moved manpages installation to debian/john.manpages
     - Don't include cdbs's buildcore.mk: it's included by debhelper.mk
     - Properly use dpkg-architecture instead of dpkg --print-architecture
     - Added /var/run/john to DEB_FIXPERMS_EXCLUDE: the location needs to
       be safe from normal user reading
     - Symlinks are now handled within debian/john.links, and always point
       to /usr/sbin/john, as the script should handle non-MMX machines
   * debian/README.wordlists:
     - Rewritten from scratch for better language
     - Removed re...


Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <E1DWFLx-0001ji-0b@localhost>
Date: Thu, 12 May 2005 12:11:56 -0300
From: Guilherme de S. Pastore <email address hidden>
To: <email address hidden>
Subject: tagging 296766, severity of 296766 is minor

# Automatically generated email from bts, devscripts version 2.8.14
tags 296766 - pending
severity 296766 minor

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <email address hidden>
Date: Sat, 30 Jul 2005 12:27:23 -0300
From: "Guilherme de S. Pastore" <email address hidden>
To: <email address hidden>
Subject: john

tag 296766 pending

--
Guilherme de S. Pastore (fatalerror)
<email address hidden>

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <email address hidden>
Date: Sun, 31 Jul 2005 17:17:10 -0700
From: <email address hidden> (Guilherme de S. Pastore)
To: <email address hidden>
Subject: Bug#296766: fixed in john 1.6-35


Revision history for this message
Dennis Kaarsemaker (dennis) wrote :

Fixed debian package is available in dapper
