Bug#316271: [Pkg-nagios-devel] Bug#316271: nagios install fails "chage: can't open shadow password fileadduser"

prosolutions@gmx.net, 316271@bugs.debian.org prosolutions@gmx.net, 316271@bugs.debian.org
Wed, 29 Jun 2005 23:07:56 -0700

So wrote Christian Perrier on Thursday, 30 June 2005:
> Date: Thu, 30 Jun 2005 07:21:19 +0200
> From: Christian Perrier <bubulle@debian.org>
> To: sean finney <seanius@debian.org>
> Subject: Re: [Pkg-nagios-devel] Bug#316271: nagios install fails "chage: can't open shadow password fileadduser"
> User-Agent: Mutt/1.5.9i
> Cc: Daniel <prosolutions@gmx.net>, 316271@bugs.debian.org,
> 	debian-boot@lists.debian.org
> Quoting sean finney (seanius@debian.org):
> > i can't be certain without reinstalling some system with an official
> > sarge installer (i suppose i could deboostrap+base-config, but i still
> > wouldn't be 100% certain), but i'm fairly certain shadow passwords
> > are the default these days.  looking in the debconf templates for
> > the shadow package included in the installer iso, i see the default
> > for the shadow question in true though...
> > 
> > i'll cc this to debian-boot to see if someone could verify this.
> Well, the shadow maintainer could have better confirmed also but it
> happens he reads -boot as well..:-)
> Yes, the default is to install the system with shadow passwords. Both
> when passwd is configured from base-config (thus in d-i) AND when it
> is configured alone.
> > 
> > > > so in your opinion, should this bug be closed or should i reorganize
> > > > this bug as "nagios does not work on systems without shadow passwords"?
> > > 
> > > in my opinion you should reorganize it because there definitely was a problem on the system
> > > without shadow passwords and because i think that the debian installer -
> > > at least some versions of it - were not asking if they should be enabled
> > > when setting up passwd.  so it is possible that a good number of systems
> > > do not have shadow passwords enabled and could run into this same
> This is not true. Default installs skip the question about shadow
> passwords because the debconf priority is high whie the question has a
> low priority.
> But, in that case, the default settings are used and the answer to the
> shadow passwords question is "True".
> So, systems *without* shadow passwords should be very rare, at least
> for sarge or above systems installed from scrtach. The only case where
> shadow passwords may be disabled are:

I recently did a whole slate of Debian installs with the first release
of Sarge.  All of them were done in expert mode and none of them enabled
shadow passwords.  Nor was I ever asked to enable them at any point
during the setup.  I know this because I *always* enable this when the
choice is presented.

> -really really really old Debian systems (I haven't been able to find
>  when the default was switch to shadow passwords but it probably older
>  than potato and certainyl far older)
> -systems where the admin deliberately chooses to NOT use shadow
>  passwords by doing "dpkg-reconfigure passwd" and answer "False" to
>  the question
> -systems installed with d-i in "expert" mode where the admin also did
> choose to deliberately answer "False" to that question
> So all cases are very rare.
> > > problem.  or maybe you could close it and just have the installer do a
> > > quick test to see if shadow is enabled and then warn about it?
> > 
> > in any case i think not installing for systems w/o shadow passwords is a bug,
> Depends. In some cases (such as old NIS setups, IIRC), this may be needed.