Bug#316271: [Pkg-nagios-devel] Bug#316271: nagios install fails "chage: can't open shadow password fileadduser"

Christian Perrier Christian Perrier <bubulle@debian.org>, 316271@bugs.debian.org
Thu, 30 Jun 2005 08:38:48 +0200

> > So, systems *without* shadow passwords should be very rare, at least
> > for sarge or above systems installed from scrtach. The only case wher=
> > shadow passwords may be disabled are:
> I recently did a whole slate of Debian installs with the first release
> of Sarge.  All of them were done in expert mode and none of them enable=
> shadow passwords.  Nor was I ever asked to enable them at any point
> during the setup.  I know this because I *always* enable this when the
> choice is presented.

Template: passwd/shadow
Type: boolean
Default: true
_Description: Enable shadow passwords?
 Shadow passwords make your system more secure because nobody is able to
 view even encrypted passwords. Passwords are stored in a separate file
 that can only be read by special programs. The use of shadow passwords
 is strongly recommended. However, if you're going to use NIS you could
 run into trouble.

In passwd.config, which is necessarily called in 2nd stage (otherwise,
you would end up with an empty root user password..:-))):

Were you prompted about the root user password, normal user name,
login name and password=A0? If so, then passwd.config was used and in
it, we find:

in the state machine....

		# Ask how the password files should be set up.
		db_input low passwd/shadow || true

		# Enable shadowed passwords...or not
		db_get passwd/shadow
		if [ "$RET" =3D true ]; then
			shadowconfig on >/dev/null
			shadowconfig off >/dev/null

So, I really fail to see how you end up with no shadow passwords, but
on any default install, shadow passwords *are* enabled. So are they on
all sarge machines I have ever installed from scratch.