[Pkg-shadow-devel] Bug#1124105: passwd leaves behind /etc/.pwd.lock upon uninstalling
Jochen Sprickerhof
jspricke at debian.org
Sun Dec 28 09:45:31 GMT 2025
* Chris Hofstaedtler <zeha at debian.org> [2025-12-28 10:00]:
>I think turning shadow passwords -off- when uninstalling passwd is a
>no-go.
Agreed.
>> just enable shadow by default is the better solution here.
>
>Well, but where. base-passwd?
I think that would make sense. base-passwd would need to:
sed -i 's/\*/+/' passwd.master group.master
And also ship a shadow.master and gshadow.master or generate it with
something like:
sed 's/\([^:]*\):.*/\1:*::/' passwd.master > shadow.master
sed 's/\([^:]*\):.*/\1:*::/' group.master > gshadow.master
I would assume that represents most of the Debian systems anyhow so it
makes sense to ship it by default.
>Also not so useful if there is no
>chance of having *passwords* at all (because there are no tools
>to write a password without `passwd`).
Not sure I understand, can you explain?
>Maybe `shadowconfig on` should just delete the lock file? Didn't
>investigate yet if this is feasible.
Probably also a good idea but that would be libc as shadowconfig is
using pwconv which is calling lckpwdf() and that is creating the lock
file. Maybe it should clean it up upon ulckpwdf().
Feel free to clone and reassign if you agree.
Cheers Jochen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-shadow-devel/attachments/20251228/a58d6e78/attachment.sig>
More information about the Pkg-shadow-devel
mailing list