Bug#316271: [Pkg-nagios-devel] Bug#316271: nagios install fails "chage: can't open shadow password fileadduser"
Wed, 29 Jun 2005 23:50:57 -0700
So wrote Christian Perrier on Thursday, 30 June 2005:
> Date: Thu, 30 Jun 2005 08:38:48 +0200
> From: Christian Perrier <email@example.com>
> To: firstname.lastname@example.org
> Subject: Re: [Pkg-nagios-devel] Bug#316271: nagios install fails "chage: can't open shadow password fileadduser"
> User-Agent: Mutt/1.5.9i
> Cc: Christian Perrier <email@example.com>,
> sean finney <firstname.lastname@example.org>, email@example.com,
> > > So, systems *without* shadow passwords should be very rare, at least
> > > for sarge or above systems installed from scrtach. The only case where
> > > shadow passwords may be disabled are:
> > I recently did a whole slate of Debian installs with the first release
> > of Sarge. All of them were done in expert mode and none of them enabled
> > shadow passwords. Nor was I ever asked to enable them at any point
> > during the setup. I know this because I *always* enable this when the
> > choice is presented.
> Template: passwd/shadow
> Type: boolean
> Default: true
> _Description: Enable shadow passwords?
> Shadow passwords make your system more secure because nobody is able to
> view even encrypted passwords. Passwords are stored in a separate file
> that can only be read by special programs. The use of shadow passwords
> is strongly recommended. However, if you're going to use NIS you could
> run into trouble.
> In passwd.config, which is necessarily called in 2nd stage (otherwise,
> you would end up with an empty root user password..:-))):
> Were you prompted about the root user password, normal user name,
> login name and password ? If so, then passwd.config was used and in
> it, we find:
> in the state machine....
> # Ask how the password files should be set up.
> db_input low passwd/shadow || true
> # Enable shadowed passwords...or not
> db_get passwd/shadow
> if [ "$RET" = true ]; then
> shadowconfig on >/dev/null
> shadowconfig off >/dev/null
> So, I really fail to see how you end up with no shadow passwords, but
> on any default install, shadow passwords *are* enabled. So are they on
> all sarge machines I have ever installed from scratch.
could it be that this is configured not during the initial CD install
but the the second portion of setup after the first reboot? i usually just exit
out of this second part because i prefer to manually reconfigure exim
and install users later on.