who the %^#$ is messing with /etc/passwd ??

Don Russell fedora at drussell.dnsalias.com
Sat Sep 27 17:13:36 UTC 2008 

On Sat, Sep 27, 2008 at 9:21 AM, Kam Leo <kam.leo at gmail.com> wrote:

> On Sat, Sep 27, 2008 at 12:13 AM, Don Russell
> <fedora at drussell.dnsalias.com> wrote:
> >
> >
> > On Fri, Sep 26, 2008 at 11:31 PM, Kam Leo <kam.leo at gmail.com> wrote:
> >>
> >> On Fri, Sep 26, 2008 at 10:58 PM, Don Russell
> >> <fedora at drussell.dnsalias.com> wrote:
> >> >
> >> >
> >> > On Thu, Sep 25, 2008 at 4:56 AM, Bill Crawford
> >> > <billcrawford1970 at gmail.com>
> >> > wrote:
> >> >>
> >> >> On Thursday 25 September 2008 12:41:13 Brian Millett wrote:
> >> >>
> >> >> > So the password field has changed from x to *  ????
> >> >> >
> >> >> > I know that that means look in /etc/shadow for the password, but
> what
> >> >> > inconsistancy will the older, established users find ??
> >> >>
> >> >> 'x' means look in /etc/shadow, '*' is one of several ways of
> indicating
> >> >> "no
> >> >> password" as in you can't log in, rather than "blank password" which
> >> >> lets
> >> >> all
> >> >> log in without one. The .rpmnew is the "unconverted" form, if you run
> >> >> pwunconv
> >> >> you'll see the same it /etc/passwd.
> >> >>
> >> >
> >> >
> >> > The /etc/passwd.rpmnew has 15 lines of userid stuff...
> >> > My /etc/passwd file has a lot more than that... and many I didn't even
> >> > know
> >> > about.... (various system things ntpd blah blah blah)
> >> >
> >> > Am I supposed to take the users that *I* added to the system (via
> >> > system-config-users) and cut/paste those ones into the new one,
> changing
> >> > the
> >> > x to an *? And thereby dropping all those other ones that are set to
> >> > nologon
> >> > anyway?
> >> >
> >> > Does pwconv or pwunconv do this for me automatically? (The man file
> >> > looks
> >> > great for people familiar with it... not so great for explaining what
> >> > the
> >> > commands really do.) Shouldn't the update script have done this when
> it
> >> > updated setup?
> >> >
> >> >        The pwconv command creates shadow from passwd and an optionally
> >> > existing
> >> >        shadow.
> >> >
> >> >        The pwunconv command creates passwd from passwd and shadow and
> >> > then
> >> >        removes shadow.
> >> >
> >> > So where does passwd.rpmnew come into play?
> >> >
> >> > pwconv ... and removes shadow... um, don't I need shadow?
> >> > ditto for pwunconv
> >> >
> >> > I don't get it, now I don't know what I have. :-(
> >> >
> >>
> >> The passwd  rpm specified the creation of /etc/passwd. Since your
> >> system already had an existing /etc/passwd file that spec instructions
> >> were written such that the old file was not overwritten. Your old file
> >> was protected and /etc/passwd.rpmnew was created. You should thank the
> >> packager for being diligent.
> >
> > Yes, I understand that part of it. What I don't understand now is, what
> am I
> > supposed to do with passwd.rpmnew?
> >
> > I don't mind manually merging in changes etc.. I do this all the time
> with
> > other config files that get created as .rpmnew or .rpmsave... I always go
> > and see what's changed....When I see this sort of thing for other
> packages
> > (sendmail for example) I compare the two config files and it's pretty
> > obvious they've added a new config option or something, but since I've
> > changed mine, they leave the new one as rpmnew... no problema, I merge my
> > changes in, restart sendmail, and presto keeno.. back in business with an
> > up-to-date system.
> >
> > Right now, I'm left wondering what I'm supposed to do with these passwd
> > files. Since I didn't add all those items to passwd in the first place,
> and
> > now they are removed from passwd.rpmnew, does that mean those IDs are no
> > longer required, and they should be removed from my passwd file?
> >
> > Every ID in passwd.rpmnew is already in passwd. But all IDs in passwd are
> > not in passwd.rpmnew.
> >
> > As I asked before, am I supposed to drop those ones that were system
> > generated, and just now keep the ones in passwd.rpmnew + the specific
> users
> > *I* created?
> >
> > Should I just change the "x" in passwd to * and call it a day?
> > And if that's the case, surely the update process could have done that...
> > but, it's not a big deal.
> >
> > As for "thanking the packager for being diligent". Um, doing that sort of
> > "save the file stuff" is so basic, it pretty much goes with saying. But,
> > yes, I DO appreciate the efforts of everybody that contributes to Fedora
> > (and other open source stuff)... including myself.
> >
> > To me, being "diligent" in this regard is making it obvious what needs to
> be
> > done next if the script didn't "do it all".
>
> I don't think you comprehend what I wrote. You do not need
> passwd.rpmnew.  You can delete it.
>
> Search your system for .rpmnew files. You'll be surprised at how many
> there are. Some will duplicate existing files, Those you can delete.
> You should examine the others that differ to determine if you want to
> replace the original file with  the .rpmnew version.


Thanks Kam,

Actually, I'm not surprised at all... I'm good about checking those out, and
cleaning them up. :-)

i.e.: [root at boris /]# pwd
/
[root at boris /]# find . -name *.rpmsave
[root at boris /]# find . -name *.rpmnew
./etc/passwd.rpmnew
[root at boris /]#

Only the one we're talking about. :-)

I guess I was confused about Bill Crawford's remarks (back a few in the
thread) about using x vs * ... Are they synonymous? Is one preferred over
the other? What's the difference between x and * ?

OK, I'm heading to the man pages now... (again) :-)

Cheers,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20080927/dac638ac/attachment-0001.htm>

More information about the fedora-list mailing list