Bug#316271: [Pkg-nagios-devel] Bug#316271: nagios install fails "chage: can't open shadow password fileadduser"

prosolutions@gmx.net, 316271@bugs.debian.org prosolutions@gmx.net, 316271@bugs.debian.org
Wed, 29 Jun 2005 23:50:57 -0700 

So wrote Christian Perrier on Thursday, 30 June 2005:
> Date: Thu, 30 Jun 2005 08:38:48 +0200
> From: Christian Perrier <bubulle@debian.org>
> To: prosolutions@gmx.net
> Subject: Re: [Pkg-nagios-devel] Bug#316271: nagios install fails "chage: can't open shadow password fileadduser"
> User-Agent: Mutt/1.5.9i
> Cc: Christian Perrier <bubulle@debian.org>,
> 	sean finney <seanius@debian.org>, 316271@bugs.debian.org,
> 	debian-boot@lists.debian.org
> 
> 
> > > So, systems *without* shadow passwords should be very rare, at least
> > > for sarge or above systems installed from scrtach. The only case where
> > > shadow passwords may be disabled are:
> > 
> > I recently did a whole slate of Debian installs with the first release
> > of Sarge.  All of them were done in expert mode and none of them enabled
> > shadow passwords.  Nor was I ever asked to enable them at any point
> > during the setup.  I know this because I *always* enable this when the
> > choice is presented.
> 
> Template: passwd/shadow
> Type: boolean
> Default: true
> _Description: Enable shadow passwords?
>  Shadow passwords make your system more secure because nobody is able to
>  view even encrypted passwords. Passwords are stored in a separate file
>  that can only be read by special programs. The use of shadow passwords
>  is strongly recommended. However, if you're going to use NIS you could
>  run into trouble.
> 
> In passwd.config, which is necessarily called in 2nd stage (otherwise,
> you would end up with an empty root user password..:-))):
> 
> Were you prompted about the root user password, normal user name,
> login name and password ? If so, then passwd.config was used and in
> it, we find:
> 
> in the state machine....
> 
> 	0)
> 		# Ask how the password files should be set up.
> 		db_input low passwd/shadow || true
> 	;;
> 
> 
> 	2)
> 		# Enable shadowed passwords...or not
> 		db_get passwd/shadow
> 		if [ "$RET" = true ]; then
> 			shadowconfig on >/dev/null
> 		else
> 			shadowconfig off >/dev/null
> 		fi
> 	;;
> 
> 
> So, I really fail to see how you end up with no shadow passwords, but
> on any default install, shadow passwords *are* enabled. So are they on
> all sarge machines I have ever installed from scratch.
> 


could it be that this is configured not during the initial CD install
setup,
but the the second portion of setup after the first reboot?  i usually just exit
out of this second part because i prefer to manually reconfigure exim
and install users later on.