Bug#639899: libnss-extrausers: shadow not enumerable with getent, and returns '0' for blank fields

August 31st, 2011 - 10:20 am ET by Daniel Kahn Gillmor
Package: libnss-extrausers
Version: 0.3-1
Severity: normal

With libnss-extrausers installed and /etc/nsswitch.conf containing:

shadow: compat extrausers

I see some weird behavior:

0) "getent passwd" provides full enumeration of /etc/passwd and
/var/lib/extrausers/passwd, but "getent shadow" returns only the
contents of /etc/shadow. "getent shadow foo" works to return lines
from /var/lib/extrausers/shadow, though.

1) "getent shadow foo" converts blank fields from extrausers/shadow
to fields containing '0', unlike data from /etc/shadow. Compare:

0 root@spice:~# grep ^foo: /etc/shadow /var/lib/extrausers/shadow
/var/lib/extrausers/shadow:foo:*:15000:0:99999:7:::
0 root@spice:~# getent shadow foo
foo:*:15000:0:99999:7:0:0:0
0 root@spice:~# grep ^statd: /etc/shadow /var/lib/extrausers/shadow
/etc/shadow:statd:*:14776:0:99999:7:::
0 root@spice:~# getent shadow statd
statd:*:14776:0:99999:7:::
0 root@spice:~#

This is problematic because as shadow(5) says in its description of
the 8th field ("account expiration date"):

An empty field means that the account will never expire.

The value 0 should not be used as it is interpreted as either an
account with no expiration, or as an expiration on Jan 1, 1970.


Thanks for maintaining libnss-extrausers in Debian!

Regards,


Debian Release: squeeze
Architecture: i386 (i686)

Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Replies

#1 Bernhard R. Link
August 31st, 2011 - 03:20 pm ET
* Daniel Kahn Gillmor [110831 16:13]:
> 0) "getent passwd" provides full enumeration of /etc/passwd and
> /var/lib/extrausers/passwd, but "getent shadow" returns only the
> contents of /etc/shadow. "getent shadow foo" works to return lines
> from /var/lib/extrausers/shadow, though.

I'll have to look into this.

> 1) "getent shadow foo" converts blank fields from extrausers/shadow
> to fields containing '0', unlike data from /etc/shadow.

That is a known issue. glibc changed the internal representation of
an empty field from 0 to -1, which I did not catch early enough.

Bernhard R. Link
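
The difference between the two getent outputs in this thread, as an added example (not code from libnss-extrausers or glibc): a simplified parser stores blank numeric shadow fields as either 0 or -1, renders them back, and flags the expiration value 0 that shadow(5) calls ambiguous. The function and type names are hypothetical; the sample line is the one from the report.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SP_EMPTY (-1L) /* blank-field sentinel after the glibc change described above */
/* Fields 3..9 of a shadow(5) line: lstchg, min, max, warn, inact, expire, flag. */
struct shadow_nums { long f[7]; };

/* Parse the numeric fields; a blank field is stored as `empty`. Returns 0 on success. */
int parse_shadow_nums(const char *line, long empty, struct shadow_nums *out) {
    const char *p = line;
    for (int skip = 0; skip < 2; skip++) {        /* skip name and password */
        if ((p = strchr(p, ':')) == NULL) return -1;
        p++;
    }
    for (int i = 0; i < 7; i++) {
        char *end; long v = strtol(p, &end, 10);
        out->f[i] = (end == p) ? empty : v;        /* no digits: blank field */
        if (i < 6) {
            if (*end != ':') return -1;
            p = end + 1;
        } else if (*end != '\0' && *end != '\n') return -1;
    }
    return 0;
}

/* Render so that only SP_EMPTY prints as blank, matching the output in the report. */
void format_shadow_nums(const struct shadow_nums *s, char *buf, size_t len) {
    size_t n = 0;
    for (int i = 0; i < 7; i++) {
        if (s->f[i] != SP_EMPTY && n < len)
            n += (size_t)snprintf(buf + n, len - n, "%ld", s->f[i]);
        if (i < 6 && n < len)
            n += (size_t)snprintf(buf + n, len - n, ":");
    }
}

/* shadow(5): an expiration value of 0 is ambiguous and should not be used. */
int expire_is_ambiguous(const struct shadow_nums *s) { return s->f[5] == 0; }

int main(void) {
    long sentinel[2] = { 0, SP_EMPTY };            /* old convention, then current one */
    for (int k = 0; k < 2; k++) {
        struct shadow_nums s; char buf[64];
        if (parse_shadow_nums("foo:*:15000:0:99999:7:::", sentinel[k], &s)) return 1;
        format_shadow_nums(&s, buf, sizeof buf);
        printf("blank=%ld: foo:*:%s ambiguous=%d\n", sentinel[k], buf, expire_is_ambiguous(&s));
    }
    return 0;
}
```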


