1 |
On Mon, Sep 18, 2006 at 10:09:03AM +0100, Jorge Almeida wrote: |
2 |
> I've seen somewhere a '*' in the password field of non-human users. I |
3 |
> think this is supposed to mean that user can't login. However, I didn't |
4 |
> find anything like that in gentoo's /etc/passwd (e.g., for user cron or |
5 |
> user sshd). Can someone comment on this matter? Is * deprecated? Of |
6 |
> course, these non-human users have /bin/false as shell, but extra |
7 |
> precautions wouldn't hurt... |
8 |
> Am I seeing something wrong? |
9 |
|
10 |
Passwords are stored in /etc/shadow for security reasons: |
11 |
-rw-r--r-- /etc/passwd |
12 |
-rw------- /etc/shadow |
13 |
|
14 |
>From shadow(5) manpage: |
15 |
If the password field contains some string that is not valid result of |
16 |
crypt(3), for instance ! or *, the user will not be able to use a unix |
17 |
password to log in, subject to pam(7). |
18 |
|
19 |
Bye. |
20 |
|
21 |
-- |
22 |
* Pillon Matteo |
23 |
-- |
24 |
gentoo-user@g.o mailing list |