Ubuntu
shadow package

passwd - lets root password unset

Bug #7132 reported by Debian Bug Importer
6
Affects Status Importance Assigned to Milestone
shadow (Debian)
Fix Released
Unknown
shadow (Ubuntu)
Invalid
High
Unassigned

Bug Description

Automatically imported from Debian bug report #260799 http://bugs.debian.org/260799

See original description
Revision history for this message
Debian Bug Importer (debzilla) wrote :

Automatically imported from Debian bug report #260799 http://bugs.debian.org/260799

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Thu, 22 Jul 2004 11:39:05 +0200
From: Bastian Blank <email address hidden>
To: <email address hidden>
Subject: passwd - lets root password unset

--DBIVS5p969aUjpLe
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Package: passwd
Version: 1:4.0.3-29.1
Severity: critical

passwd config script lets the root password unset if a user entry in the
/etc/passwd or /etc/shadow file matches the string "root" and have a
password.

The right check for the root user is "^root:".

Bastian

--=20
Only a fool fights in a burning house.
  -- Kank the Klingon, "Day of the Dove", stardate unknown

--DBIVS5p969aUjpLe
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iEYEARECAAYFAkD/izkACgkQnw66O/MvCNHWCQCfd0eDgNxS1vIckvfO/INeOF5r
0jIAn3U8J57mQ/68wI8yLWrvBo9rIR9V
=Hl05
-----END PGP SIGNATURE-----

--DBIVS5p969aUjpLe--

Revision history for this message
In , Karl Ramm (kcr) wrote : Re: Bug#260799: passwd - lets root password unset

Are you saying that it unsets the root password, or that it never asks, or
that it just lets you set it to nothing?

kcr

Bastian Blank <email address hidden> writes:

> Package: passwd
> Version: 1:4.0.3-29.1
> Severity: critical
>
> passwd config script lets the root password unset if a user entry in the
> /etc/passwd or /etc/shadow file matches the string "root" and have a
> password.
>
> The right check for the root user is "^root:".
>
> Bastian
>
> --
> Only a fool fights in a burning house.
> -- Kank the Klingon, "Day of the Dove", stardate unknown

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: 22 Jul 2004 18:04:39 -0400
From: <email address hidden>
To: Bastian Blank <email address hidden>, <email address hidden>
Subject: Re: Bug#260799: passwd - lets root password unset

Are you saying that it unsets the root password, or that it never asks, or
that it just lets you set it to nothing?

kcr

Bastian Blank <email address hidden> writes:

> Package: passwd
> Version: 1:4.0.3-29.1
> Severity: critical
>
> passwd config script lets the root password unset if a user entry in the
> /etc/passwd or /etc/shadow file matches the string "root" and have a
> password.
>
> The right check for the root user is "^root:".
>
> Bastian
>
> --
> Only a fool fights in a burning house.
> -- Kank the Klingon, "Day of the Dove", stardate unknown

Revision history for this message
In , Javier Fernández-Sanguino (jfs) wrote : Clarification and patch for this bug

tags 260799 patch
thanks

I believe the reporter suggests that, the way the check for root's password
is done, it will not prompt for a password if you have a user with a 'root'
substring (for example 'joeroot') which does have a password.

The attached patch for debian/passwd.config might clarify this issue
better.

Regards

Javier

Revision history for this message
In , Matt Zimmerman (mdz) wrote : Re: Bug#260799: passwd - lets root password unset

On Thu, Jul 22, 2004 at 06:04:39PM -0400, <email address hidden> wrote:

> Are you saying that it unsets the root password, or that it never asks, or
> that it just lets you set it to nothing?

I assume he's referring to this function:

# Returns a true value if root already has a password.
root_password () {
        # Assume there is a root password if NIS is being used.
        if egrep -q '^+:' /etc/passwd; then
                return 0
        fi

        if [ -e /etc/shadow ] && \
           [ "`grep root /etc/shadow | cut -d : -f 2`" ]; then
                return 0
        fi

        if [ "`grep root /etc/passwd | cut -d : -f 2`" -a \
             "`grep root /etc/passwd | cut -d : -f 2`" != 'x' ]; then
                return 0
        fi

        return 1
}

Shouldn't this use getent, rather than directly accessing passwd/shadow?

Looking at the .config script, a 0 return from this function means that the
admin is not prompted to set a root password. This doesn't seem
particularly serious, since this is only an issue when first installing the
system, at which time there are unlikely to be any non-system users in the
passwd file yet...

--
 - mdz

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Fri, 23 Jul 2004 02:20:53 +0200
From: Javier =?iso-8859-1?Q?Fern=E1ndez-Sanguino_Pe=F1a?= <email address hidden>
To: <email address hidden>
Cc: <email address hidden>
Subject: Clarification and patch for this bug

--TiqCXmo5T1hvSQQg
Content-Type: multipart/mixed; boundary="7iMSBzlTiPOCCT2k"
Content-Disposition: inline

--7iMSBzlTiPOCCT2k
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

tags 260799 patch
thanks

I believe the reporter suggests that, the way the check for root's password
is done, it will not prompt for a password if you have a user with a 'root'
substring (for example 'joeroot') which does have a password.

The attached patch for debian/passwd.config might clarify this issue=20
better.

Regards

Javier

--7iMSBzlTiPOCCT2k
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="passwd.config.diff"
Content-Transfer-Encoding: quoted-printable

--- passwd.config.orig 2004-07-23 02:15:08.000000000 +0200
+++ passwd.config 2004-07-23 02:15:48.000000000 +0200
@@ -39,12 +39,12 @@
  fi
=20
  if [ -e /etc/shadow ] && \
- [ "`grep root /etc/shadow | cut -d : -f 2`" ]; then
+ [ "`grep ^root: /etc/shadow | cut -d : -f 2`" ]; then
   return 0
  fi
 =09
- if [ "`grep root /etc/passwd | cut -d : -f 2`" -a \
- "`grep root /etc/passwd | cut -d : -f 2`" !=3D 'x' ]; then
+ if [ "`grep ^root: /etc/passwd | cut -d : -f 2`" -a \
+ "`grep ^root: /etc/passwd | cut -d : -f 2`" !=3D 'x' ]; then
   return 0
  fi
=20

--7iMSBzlTiPOCCT2k--

--TiqCXmo5T1hvSQQg
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBAFnli4sehJTrj0oRAsREAKCgPsA6Z+Yq2LQx6rpEnct+PJMc1gCbBBKS
uCXhBqFrSvPi1npcXpxn0Xc=
=K+P/
-----END PGP SIGNATURE-----

--TiqCXmo5T1hvSQQg--

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Thu, 22 Jul 2004 17:55:06 -0700
From: Matt Zimmerman <email address hidden>
To: <email address hidden>, <email address hidden>
Cc: Bastian Blank <email address hidden>
Subject: Re: Bug#260799: passwd - lets root password unset

On Thu, Jul 22, 2004 at 06:04:39PM -0400, <email address hidden> wrote:

> Are you saying that it unsets the root password, or that it never asks, or
> that it just lets you set it to nothing?

I assume he's referring to this function:

# Returns a true value if root already has a password.
root_password () {
        # Assume there is a root password if NIS is being used.
        if egrep -q '^+:' /etc/passwd; then
                return 0
        fi

        if [ -e /etc/shadow ] && \
           [ "`grep root /etc/shadow | cut -d : -f 2`" ]; then
                return 0
        fi

        if [ "`grep root /etc/passwd | cut -d : -f 2`" -a \
             "`grep root /etc/passwd | cut -d : -f 2`" != 'x' ]; then
                return 0
        fi

        return 1
}

Shouldn't this use getent, rather than directly accessing passwd/shadow?

Looking at the .config script, a 0 return from this function means that the
admin is not prompted to set a root password. This doesn't seem
particularly serious, since this is only an issue when first installing the
system, at which time there are unlikely to be any non-system users in the
passwd file yet...

--
 - mdz

Revision history for this message
In , Christian Perrier (bubulle) wrote : Re: Bug#260799: Clarification and patch for this bug

Quoting Javier Fernández-Sanguino Peña (<email address hidden>):
> tags 260799 patch
> thanks

Karl, this for checking that you got my diff for the 29.1 NMU patch I
just made.....one day before this bug was discovered.

I guess you will make a new upload of the shadow package for fixing
this bug very soon.

If, for some reason, you lack time for it, I still have time for doing
a 29.2 NMU from my build tree, using Javier's patch. This can be made
today (7/23) of this week-end. After, I will leave for 3 weeks.

Revision history for this message
In , Bastian Blank (waldi) wrote : Re: Bug#260799: passwd - lets root password unset

On Thu, Jul 22, 2004 at 05:55:06PM -0700, Matt Zimmerman wrote:
> Looking at the .config script, a 0 return from this function means that the
> admin is not prompted to set a root password. This doesn't seem
> particularly serious, since this is only an issue when first installing the
> system, at which time there are unlikely to be any non-system users in the
> passwd file yet...

Which does not mean that other system users don't match the string
"root". D-i adds one sometimes.

Bastian

--
Hailing frequencies open, Captain.

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Fri, 23 Jul 2004 07:24:13 +0200
From: Christian Perrier <email address hidden>
To: <email address hidden>
Subject: Re: Bug#260799: Clarification and patch for this bug

Quoting Javier Fern=E1ndez-Sanguino Pe=F1a (<email address hidden>):
> tags 260799 patch
> thanks

Karl, this for checking that you got my diff for the 29.1 NMU patch I
just made.....one day before this bug was discovered.

I guess you will make a new upload of the shadow package for fixing
this bug very soon.

If, for some reason, you lack time for it, I still have time for doing
a 29.2 NMU from my build tree, using Javier's patch. This can be made
today (7/23) of this week-end. After, I will leave for 3 weeks.

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Fri, 23 Jul 2004 09:34:24 +0200
From: Bastian Blank <email address hidden>
To: Matt Zimmerman <email address hidden>
Cc: <email address hidden>, <email address hidden>
Subject: Re: Bug#260799: passwd - lets root password unset

--HlL+5n6rz5pIUxbD
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Jul 22, 2004 at 05:55:06PM -0700, Matt Zimmerman wrote:
> Looking at the .config script, a 0 return from this function means that t=
 he
> admin is not prompted to set a root password. This doesn't seem
> particularly serious, since this is only an issue when first installing t=
 he
> system, at which time there are unlikely to be any non-system users in the
> passwd file yet...

Which does not mean that other system users don't match the string
"root". D-i adds one sometimes.

Bastian

--=20
Hailing frequencies open, Captain.

--HlL+5n6rz5pIUxbD
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iEYEARECAAYFAkEAv4AACgkQnw66O/MvCNGLDQCeL4zvPWVeggUHBxFdBsHAgCbV
lYEAnRCt23KVtxWboXYz0HNlKBcNwbGy
=5BkL
-----END PGP SIGNATURE-----

--HlL+5n6rz5pIUxbD--

Revision history for this message
In , Matt Zimmerman (mdz) wrote :

On Fri, Jul 23, 2004 at 09:34:24AM +0200, Bastian Blank wrote:

> On Thu, Jul 22, 2004 at 05:55:06PM -0700, Matt Zimmerman wrote:
> > Looking at the .config script, a 0 return from this function means that the
> > admin is not prompted to set a root password. This doesn't seem
> > particularly serious, since this is only an issue when first installing the
> > system, at which time there are unlikely to be any non-system users in the
> > passwd file yet...
>
> Which does not mean that other system users don't match the string
> "root". D-i adds one sometimes.

I have never seen it. What is the name of the user?

--
 - mdz

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Fri, 23 Jul 2004 08:59:38 -0700
From: Matt Zimmerman <email address hidden>
To: Bastian Blank <email address hidden>
Cc: <email address hidden>, <email address hidden>
Subject: Re: Bug#260799: passwd - lets root password unset

On Fri, Jul 23, 2004 at 09:34:24AM +0200, Bastian Blank wrote:

> On Thu, Jul 22, 2004 at 05:55:06PM -0700, Matt Zimmerman wrote:
> > Looking at the .config script, a 0 return from this function means that the
> > admin is not prompted to set a root password. This doesn't seem
> > particularly serious, since this is only an issue when first installing the
> > system, at which time there are unlikely to be any non-system users in the
> > passwd file yet...
>
> Which does not mean that other system users don't match the string
> "root". D-i adds one sometimes.

I have never seen it. What is the name of the user?

--
 - mdz

Revision history for this message
In , Bastian Blank (waldi) wrote :

On Fri, Jul 23, 2004 at 08:59:38AM -0700, Matt Zimmerman wrote:
> > Which does not mean that other system users don't match the string
> > "root". D-i adds one sometimes.
> I have never seen it. What is the name of the user?

| .../trunk/packages/network-console$ grep installer prebaseconfig
| TEMPLATE_ROOT=debian-installer/network-console
| echo 'installer:x:0:0:installer:/:/root/network-console-base-config' >> /target/etc/passwd
| grep "^installer:" /etc/shadow >> /target/etc/shadow

Bastian

--
Too much of anything, even love, isn't necessarily a good thing.
  -- Kirk, "The Trouble with Tribbles", stardate 4525.6

Revision history for this message
In , Matt Zimmerman (mdz) wrote :

On Fri, Jul 23, 2004 at 11:59:08PM +0200, Bastian Blank wrote:

> On Fri, Jul 23, 2004 at 08:59:38AM -0700, Matt Zimmerman wrote:
> > > Which does not mean that other system users don't match the string
> > > "root". D-i adds one sometimes.
> > I have never seen it. What is the name of the user?
>
> | .../trunk/packages/network-console$ grep installer prebaseconfig
> | TEMPLATE_ROOT=debian-installer/network-console
> | echo 'installer:x:0:0:installer:/:/root/network-console-base-config' >> /target/etc/passwd
> | grep "^installer:" /etc/shadow >> /target/etc/shadow

Interesting; I never encountered it. Is this architecture-specific or
something?

Anyway, the fix for this bug is known and trivial...

--
 - mdz

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Fri, 23 Jul 2004 23:59:08 +0200
From: Bastian Blank <email address hidden>
To: Matt Zimmerman <email address hidden>
Cc: <email address hidden>, <email address hidden>
Subject: Re: Bug#260799: passwd - lets root password unset

--lrZ03NoBR/3+SXJZ
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Jul 23, 2004 at 08:59:38AM -0700, Matt Zimmerman wrote:
> > Which does not mean that other system users don't match the string
> > "root". D-i adds one sometimes.
> I have never seen it. What is the name of the user?

| .../trunk/packages/network-console$ grep installer prebaseconfig=20
| TEMPLATE_ROOT=3Ddebian-installer/network-console
| echo 'installer:x:0:0:installer:/:/root/network-console-base-config' >> /=
target/etc/passwd
| grep "^installer:" /etc/shadow >> /target/etc/shadow

Bastian

--=20
Too much of anything, even love, isn't necessarily a good thing.
  -- Kirk, "The Trouble with Tribbles", stardate 4525.6

--lrZ03NoBR/3+SXJZ
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iEYEARECAAYFAkEBiiwACgkQnw66O/MvCNEmsACfczlDsSndAssb3B3pjYdjRFlS
qhEAmgMdsGjG7j4ucOcGNmYBQbJI5cLW
=duf+
-----END PGP SIGNATURE-----

--lrZ03NoBR/3+SXJZ--

Revision history for this message
Matt Zimmerman (mdz) wrote :

Fixed by upload of shadow_4.0.3-28.5ubuntu2

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Fri, 23 Jul 2004 15:06:04 -0700
From: Matt Zimmerman <email address hidden>
To: Bastian Blank <email address hidden>
Cc: <email address hidden>, <email address hidden>
Subject: Re: Bug#260799: passwd - lets root password unset

On Fri, Jul 23, 2004 at 11:59:08PM +0200, Bastian Blank wrote:

> On Fri, Jul 23, 2004 at 08:59:38AM -0700, Matt Zimmerman wrote:
> > > Which does not mean that other system users don't match the string
> > > "root". D-i adds one sometimes.
> > I have never seen it. What is the name of the user?
>
> | .../trunk/packages/network-console$ grep installer prebaseconfig
> | TEMPLATE_ROOT=debian-installer/network-console
> | echo 'installer:x:0:0:installer:/:/root/network-console-base-config' >> /target/etc/passwd
> | grep "^installer:" /etc/shadow >> /target/etc/shadow

Interesting; I never encountered it. Is this architecture-specific or
something?

Anyway, the fix for this bug is known and trivial...

--
 - mdz

Revision history for this message
Colin Watson (cjwatson) wrote :

That password entry is created by network-console, which is only used on a few
architectures at the moment (it's the "ssh into d-i" system). Bastian works on
s390, which is one such architecture.

Revision history for this message
In , Christian Perrier (bubulle) wrote : Patch for 29.2 NMU

Attached is the patch for this NMU (which has been uploaded in the
DELAYED/2-day queue just to give Karl a chance to overrule it). I
added a Croatian translation and last miute updates to a few other
translations as well as the fix for this RC bug.

--

Revision history for this message
Debian Bug Importer (debzilla) wrote :
Download full text (25.8 KiB)

Message-ID: <email address hidden>
Date: Mon, 26 Jul 2004 19:05:19 +0200
From: Christian Perrier <email address hidden>
To: <email address hidden>
Subject: Patch for 29.2 NMU

--RnlQjJ0d97Da+TV1
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Attached is the patch for this NMU (which has been uploaded in the
DELAYED/2-day queue just to give Karl a chance to overrule it). I
added a Croatian translation and last miute updates to a few other
translations as well as the fix for this RC bug.

--

--RnlQjJ0d97Da+TV1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="patch_29.2.gz"
Content-Transfer-Encoding: base64

H4sICNw4BUECA3BhdGNoXzI5LjIA5FxZcxtHkn4Wf0Ua3jDlBRoCwBuWdVhSyFzrColyrG3N
cgroIlBEowvbBylyj99A2eTasmiOLXskkf9AL/O8/wDP8zKheZiI/QmbmdXd6MZBgiYsTew6
bOLoOvL46svMqjJstbYG1h0vBL8pbL1pzRZLxZnVylKxfKGu3TXVCD058KzSezZlWdZxfc9V
SqVZq7RglZegvFCdW6iWK8VS/A/kS/h8Kp/PHzdHMkZlHsqLVfx3dnCMK1fAqswszi0UFiAf
v7lyZQpkvakh9w//duPap3dXV/5jS/o5uPTB/BSsqSmYsq7eurV6a/nOzYdXH3ycq/lQF1D3
wRZgS5AOSB9kiE1hzQNlgwpgXUBLg1sD1wXXgQ7+G6x+ch//ApmxBf4GBB6ELdhurl67k5vK
n2KKpvy1s8AUxP/c/mz5zoMVnPX68v0HH9P3ag0C6QdguWgJUV8V4eNVW3m5jyBoSnfKHgcF
ReUe5yR8fBIWsEkPDhVyZaVSLS+cFg7pYRARJUREqVqaHY6IxRnGA78QGs5dvbZ6+8HN1fs3
Hjy8tXIe0fDh/zkkXL29evPOw9WbN1ZWbvzzCiEDlb77cOXew5XzXx3rbFvWlHAv1JvCbUhH
N4a4ob/JCKf3N+vngUp1tjSm40cOFdHBfLW0NNT55cIM5MsFnBE9nzcDw/lylce2aOwPIXT9
QNQc+RGEXkO69a2Pm6rRnMpP5QH+Ee7cfmjePDQPwZcBBBqoDdRkXYS+BL0G969BLWyg5x5L
23S4LmsEWPSMcH1HBEq7Pj0BsOATT2wrB3WCsGOLQNpFuOZoX/pVeL8yX55ZXIhbXvM0dsWG
wrb7m82WF+Nmt5WrPahrz5N1ngnWNOKm2NEgXBshQ++aUtjS84149zzd8ETbHyrf9TCoN4fK
VpqZL8etPpU1T24Okay0UKmYWa4ZiaDelPUWyuSBp3UAHeH7m9qz0YLKbYBwPBTN2BY5hp/a
RbPczWSZwZeW2DuIumtNT/lsnnvS85T04GItrIWOI68YzBS117iEfKjdAiBY/il0gLDDqJmr
zi7GsJuCIeAoDwOHozcN0zI2YFMFTWgL5Qb4nyQXuL50g3HWWEbN0ajPWuPYtZZpmiyS0gIz
5Fy1dMr1Nny4iHBnqjMLQ9fczFIBqT1vXphwmVzhHIagr8CScEEG9QuRuX8HH3wAj6asc2jQ
ryD3+4YnOwYi6Vb/DvUQQ5cNVbDWoPL7HPwuilv5TMd/oZ7VMbvCuXOeDELPhVIk4zmUg4Uc
kMNYYshgloilh1P0eu9jmH48nVIiPWtaiePnzWfmHatf38yDNhgLuPpCUxKhjEZO1OIEuEat
JoDU/pEIpBhjytXS8DyxPE9JAf8liLb9ho8RNIehM4fEuI6UZS3b1ufIlkiL1WjiVTPbakev
NuUjlxrflx3tBdZtv6Fs65Ow4Vsrugr0zMrdu7tiXUNiI2a1riOTVsGIN2PNlKBcrlbmrNJc
qUSt86Nbz1ulMpRKmPFiT9Mahbxr3Zcbyu9vPEtDY+NSKd9rfEv4gbUS0bz2qvClaGyLBlzc
5tcrQVthaC26MrgUd3AboWhIa0WKdhXjBvP8xaa84ihmVGpGZpyd5bVuXsiQOU82QkdgfuQG
0tsQjl+EFUxksqyvMO/hWI4BYAtzGNelKICIhGmD3GkgMTomRIHwuX8xl3aUles+7+53n3a/
B3zZ7X7d/QY/vILuT/jyU/egu4vfW49y1PNRrgDdb7uH3Sfdve4fAFsf4Icj+ksffsQeu/gE
RwP8ft80eN591X3WPSpCuvF/4Sx71AFYgp3uHs2+Q22e4oMDGv159wdAcZ5SL6M4vn9G41Pb
r3HYPWqxj2PudV/QGNgOp3yFYv/IwxyhuM9IscO0jt9w06/p7RPUZg+VZSFihePJDrHdUxwJ
DfCSTEMdaFzqclikmVImeoHTknS7xopPjTCkDfc8NNpR9yPSbR8fvcA2+N2TqBVatJCyxjFd
D/Et67ITK/WEJTQK77Od96njAT3bxWY02fPu02LGq99hhyf05gjlxsnM5EfsMHpyFDmRDZvY
8wC7/8LKou338C2Nt9d9WQBuRh5mk5FaNM4e2ovbvmTUPKcPKTnIY5ax90HS2aDyUY5wRP58
YRxLfn5mDAGPcgbhj3LoYiuCdf4dY5k9x2K8QyynTEuivDss96zxDrA8iGOW5O1juR/HLMYY
WMZM733k/K0OxqSY8Pmr69Kve6pD8Y1jx1KlsAR5/suRI9jqUBSYxnICayrM5OmvK9ry0nQc
AQqw2ZSeTD2iUEJVFHWgLwrgqJbk6DGt2qFn63prGrDsmPba/vRABDk0ZkEQAitOujGynzIy
XsUkwry2w3Z8BcYN+OY8tj6gZ9wptSZ3qN2HsQl5pl20/SHbbFC/nv14rexgw1dpHXlB75CE
P6QWcES6RoRHu...

Revision history for this message
In , Karl Ramm (kcr) wrote : Bug#260799: fixed in shadow 1:4.0.3-30
Download full text (3.4 KiB)

Source: shadow
Source-Version: 1:4.0.3-30

We believe that the bug you reported is fixed in the latest version of
shadow, which is due to be installed in the Debian FTP archive:

login_4.0.3-30_i386.deb
  to pool/main/s/shadow/login_4.0.3-30_i386.deb
passwd_4.0.3-30_i386.deb
  to pool/main/s/shadow/passwd_4.0.3-30_i386.deb
shadow_4.0.3-30.diff.gz
  to pool/main/s/shadow/shadow_4.0.3-30.diff.gz
shadow_4.0.3-30.dsc
  to pool/main/s/shadow/shadow_4.0.3-30.dsc

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Karl Ramm <email address hidden> (supplier of updated shadow package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 27 Jul 2004 09:38:32 -0400
Source: shadow
Binary: login passwd
Architecture: source i386
Version: 1:4.0.3-30
Distribution: unstable
Urgency: high
Maintainer: Karl Ramm <email address hidden>
Changed-By: Karl Ramm <email address hidden>
Description:
 login - System login tools
 passwd - Change and administer password and group data
Closes: 190567 235641 256664 257949 257949 258241 258563 258566 258957 259389 259663 259827 260223 260361 260722 260799 261387 261418
Changes:
 shadow (1:4.0.3-30) unstable; urgency=high
 .
   * Attempt to fix FTBFS and dependency problems on hurd. Closes: #235641
   * don't run dh_undocumented anymore as it has become angstful.
 .
   * Thanks to Christian Perrier:
   * Debconf translations
     - Brazilian updated. Closes: #261387
     - Croatian added. Closes: #261418
     - Minor corrections fo ja.po and pl.po headers
   * Programs translations
     - Dutch updated. Closes: #260361
     - Hebrew added. Closes: #260722
   * Urgency set to high because of RC bug fixed:
   * Correct check for root password being already set in passwd.config
     Closes: #260799
 .
   * Acknowledge 29.1 NMU:
     Closes: #256664, #257949, #258241, #258563, #258566, #258957,
     #190567, #259389, #260223, #257949, #259663, #259827
Files:
 af4a56952cb5a5ac968794fb2952327f 1381 base required shadow_4.0.3-30.dsc
 b4216b0f1723d1245de9b11f7485cb45 907714 base required shadow_4.0.3-30.diff.gz
 7dc81ae796075a482faf74bf0c141802 478580 base required passwd_4.0.3-30_i386.deb
 157ad3b90fec0a8e19eda1201ebe6248 491598 base required login_4.0.3-30_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iQIVAwUBQQZuPHfSGPI1QaWIAQLWxA/9FIrxfuzDyEUxT9C8FXp2TfAjS9mQkOAu
hp+xkEtlKyDYajkVuTqImGqZ1QeaRbi9UWXJsq7OOxkfB0sYJoW18gUUE0+TAgdB
RgaMwKn/+z7DdBUXbZfgv0Ntyn4NGlHoOIZKOycl3k7shc8hQpPmPJhopRZuk7K2
c8j1bnB8GlKORk8rXq901SmX2YO6zkazDSf5NMNa3gLxOzV+t0qvUj+HAcHWcg1a
b2ek/BrNukY4kuVTXltce9MgtT981ojnPQSzZ3Jj3g4AHYdJhorG97cY/cRbw1Hq
0PNz0MmKsrXnnI2N5wGNcTZVbBKztH5B69dAtCrlHxlZV8TQIHJGcUFHuf7PgTqB
mPDd3oN7vY+Tln9JviQb/hY5HENpFL1pI7yT/v4Ve2HBUFD5M41yFd0TDt...

Read more...

Revision history for this message
Debian Bug Importer (debzilla) wrote :
Download full text (3.6 KiB)

Message-Id: <email address hidden>
Date: Tue, 27 Jul 2004 11:32:17 -0400
From: Karl Ramm <email address hidden>
To: <email address hidden>
Subject: Bug#260799: fixed in shadow 1:4.0.3-30

Source: shadow
Source-Version: 1:4.0.3-30

We believe that the bug you reported is fixed in the latest version of
shadow, which is due to be installed in the Debian FTP archive:

login_4.0.3-30_i386.deb
  to pool/main/s/shadow/login_4.0.3-30_i386.deb
passwd_4.0.3-30_i386.deb
  to pool/main/s/shadow/passwd_4.0.3-30_i386.deb
shadow_4.0.3-30.diff.gz
  to pool/main/s/shadow/shadow_4.0.3-30.diff.gz
shadow_4.0.3-30.dsc
  to pool/main/s/shadow/shadow_4.0.3-30.dsc

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Karl Ramm <email address hidden> (supplier of updated shadow package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 27 Jul 2004 09:38:32 -0400
Source: shadow
Binary: login passwd
Architecture: source i386
Version: 1:4.0.3-30
Distribution: unstable
Urgency: high
Maintainer: Karl Ramm <email address hidden>
Changed-By: Karl Ramm <email address hidden>
Description:
 login - System login tools
 passwd - Change and administer password and group data
Closes: 190567 235641 256664 257949 257949 258241 258563 258566 258957 259389 259663 259827 260223 260361 260722 260799 261387 261418
Changes:
 shadow (1:4.0.3-30) unstable; urgency=high
 .
   * Attempt to fix FTBFS and dependency problems on hurd. Closes: #235641
   * don't run dh_undocumented anymore as it has become angstful.
 .
   * Thanks to Christian Perrier:
   * Debconf translations
     - Brazilian updated. Closes: #261387
     - Croatian added. Closes: #261418
     - Minor corrections fo ja.po and pl.po headers
   * Programs translations
     - Dutch updated. Closes: #260361
     - Hebrew added. Closes: #260722
   * Urgency set to high because of RC bug fixed:
   * Correct check for root password being already set in passwd.config
     Closes: #260799
 .
   * Acknowledge 29.1 NMU:
     Closes: #256664, #257949, #258241, #258563, #258566, #258957,
     #190567, #259389, #260223, #257949, #259663, #259827
Files:
 af4a56952cb5a5ac968794fb2952327f 1381 base required shadow_4.0.3-30.dsc
 b4216b0f1723d1245de9b11f7485cb45 907714 base required shadow_4.0.3-30.diff.gz
 7dc81ae796075a482faf74bf0c141802 478580 base required passwd_4.0.3-30_i386.deb
 157ad3b90fec0a8e19eda1201ebe6248 491598 base required login_4.0.3-30_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iQIVAwUBQQZuPHfSGPI1QaWIAQLWxA/9FIrxfuzDyEUxT9C8FXp2TfAjS9mQkOAu
hp+xkEtlKyDYajkVuTqImGqZ1QeaRbi9UWXJsq7OOxkfB0sYJoW18gUUE0+TAgdB
RgaMwKn/+z7DdBUXbZfgv0Ntyn4NGlHoOIZKOycl3k7shc8hQpPmPJhopRZuk7K2
c8j1bnB8GlKORk8rXq901SmX2YO6zkazDSf5NMNa3gLxOzV+t...

Read more...

Revision history for this message
Daniel Robitaille (robitaille) wrote :

Was fixed in Debian in 2004.

Changed in shadow:
status: Unconfirmed → Fix Released
Bug Watch Updater (bug-watch-updater)
Changed in shadow:
status: Unknown → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.