passwd/root-password-crypted not being honored

Bug #340841 reported by Bryan McLellan on 2009-03-11
2
Affects Status Importance Assigned to Milestone
shadow (Ubuntu)
Undecided
Unassigned
user-setup (Ubuntu)
Medium
Unassigned

Bug Description

nightly jaunty mirror, user-setup=1.23ubuntu14

No root password is set when preseeding with the following relevant values:
d-i passwd/root-login boolean true
d-i passwd/root-password-crypted password SHA512PASSWORD
d-i passwd/make-user boolean false

Initial tests were done with an MD5 password as well.

It appears that root_password() in functions.sh of user-setup considers a shadow password of '!' to be set. This causes the if block at line 165 of user-setup-apply in r454 of user-setup to fail and thus the password isn't set.

I would speculate that in the past the root password was blank in shadow, pwconv should be leaving it that way. This would be why user-setup-ask sets root-password-crypted to "!" of passwd/root-login is false. Thus perhaps something else is setting root's password to "!" before user-setup is run, so I don't know what specific package to file this against yet.

Bryan McLellan (btm) on 2009-03-11
Changed in debian-installer:
status: New → Invalid
Revision history for this message
Bryan McLellan (btm) wrote :

The changes to passwd.postinst in bug #296841 caused a regression by using 'lt' instead of 'lt-nl' on line 52. On a new installation no previously configured version is provided which 'lt' considers to be less than the version checked for. This causes passwd.postinst to add ! to the empty root password before user-setup runs, which in turn breaks root_password() in user-setup by causing it to return true which it should not.

Revision history for this message
Colin Watson (cjwatson) wrote :

Reopening the installer part of this; my system has no root password set, was not affected by the passwd change in question here, and yet root_password returns 0 for me.

Changed in debian-installer:
importance: Undecided → Medium
status: Invalid → Triaged
Revision history for this message
Bryan McLellan (btm) wrote :

Adding a check to consider a password in shadow of '!' as an unset password works around the regression caused by bug #296841 and as discussed on IRC is probably a good idea anyways. The user-setup udeb built with the attached patch tested good and allows me to set a SHA512 password using passwd/root-password-crypted.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package shadow - 1:4.1.1-6ubuntu3

---------------
shadow (1:4.1.1-6ubuntu3) jaunty; urgency=low

  [ Bryan McLellan ]
  * Don't do the vm-builder root password check on fresh installations
    (LP: #340841).

 -- Colin Watson <email address hidden> Tue, 17 Mar 2009 13:32:55 +0000

Changed in shadow:
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package user-setup - 1.23ubuntu15

---------------
user-setup (1.23ubuntu15) jaunty; urgency=low

  [ Bryan McLellan ]
  * Consider a password of '!' in shadow for root to be unset (LP: #340841).

 -- Colin Watson <email address hidden> Tue, 17 Mar 2009 14:16:04 +0000

Changed in user-setup:
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers