Re^2: Another shadow question

To: maor@ece.utexas.edu (Guy Maor)
Cc: debian-devel@Pixar.com (Debian Developer Mailing List)
Subject: Re^2: Another shadow question
From: david@eos.lugs.ch (David Frey)
Date: Sat, 11 May 1996 00:05:19 +0200 (MET DST)
Message-id: <[🔎] m0uI0JN-000AHrC@eos>
Reply-to: debian-devel@pixar.com (Debian Developer Mailing List)
In-reply-to: <[🔎] Pine.SOL.3.91.960510012946.26204G-100000@brando.ece.utexas.edu> from "Guy Maor" at May 10, 96 02:01:05 am

Hello everybody,

Guy> > On Tue, 7 May 1996, David Frey wrote:
Guy> > 
Guy> > >    There are far too many conflicting binaries which are replaced by
Guy> > >    shadow (passwd, login was in miscutils (where is it now?), 
Guy> > >            su is in shellutils, chfn, newgrp (in shellutils), ...)
Guy> > 
Guy> > Ugh. It'd look like it'd be kinda messy. Wouldn't it be better to simply
Guy> > change all packages to be shadow-aware (i.e. they use shadow if it's
Guy> > there)?
Guy> 
Guy> >From my understanding of shadow passwords, it is possible to make
Guy> programs work both with and without shadowing.  I'm the maintainer of
Guy> all the programs mentioned except su.  Perhaps, David, you could put
Guy> the source somewhere so I and the other affected developers could look
Guy> at it?

I fear, that I was unclear. I wasn't speaking of general 'shadow support',
I thought at the 'shadow' package from John. F. Haugh II under the BSD 
copyright.
This package provides a new shadow-aware login, su, passwd, et.al plus
some programs to convert to shadow-passwds.

The current upstream-maintainer of the shadow package is 
Marek Michalkiewicz, below the LSM (there may be newer versions around):

  Begin3
  Title:	  Shadow Password Suite
  Version:	  3.3.3-951218
  Entered-date:	  18DEC95
  Description:	
  Keywords:	  login passwd security shadow
  Author: 	  jfh@rpp386.cactus.org (John F. Haugh II)
  Maintained-by:  marekm@i17linuxb.ists.pwr.wroc.pl (Marek Michalkiewicz)
  Primary-site:	  sunsite.unc.edu /pub/Linux/system/Admin
		  220K shadow-951218.tar.gz
  Alternate-site: ftp.ists.pwr.wroc.pl /pub/linux/shadow
  Original-site:  ftp.uu.net ?
  Platforms:	
  Copying-policy:  BSD-like
  End

Guy> Is it possible for a system to be switched to or from shadow support,
Guy> or must the decision be made on installation?  

You simply have to replace the shadow package against it non-shadow
counterparts: login, su, passwd etc.

Guy>                                               Does your package
Guy> include scripts that rewrite passwd into passwd and shadow and
Guy> vice-versa?  

No. It was a private hack for me, so there aren't any sophisticated
install scripts etc.

(It's not difficult, by the way).

Guy>             I'm imagining a program, shadowconfig, that could be run
Guy> to turn on or off shadow password support.  The other programs would
Guy> adjust based on whether the password was in the passwd struct.  Is this
Guy> practical?

I don't think it's practical (but not impossible).

Guy> I don't think it's wise to start a discussion on the merits of password
Guy> shadowing, as I'm afraid that it would rapidly deteriorate.  Optional

You're right. I didn't my no means wanted to start a flame-war or something
such.

Guy> shadow password support, however, would be a big feather in our cap.

Yes, that's exactly my opinion, too.

Later,
  David
-- 
David Frey <david@eos.lugs.ch>|Microsoft isn't the answer...it's the QUESTION.
Schlieren, Switzerland        |``No'' is the answer.
PGP-Key available on request  |Use Debian GNU/Linux!

Reply to:

Follow-Ups:
- Re: Re^2: Another shadow question
  - From: Michael Meskes <meskes@informatik.rwth-aachen.de>

References:
- Re: Another shadow question
  - From: Guy Maor <maor@ece.utexas.edu>

Prev by Date: Re: Incoming directory status
Next by Date: Re: Incoming directory status
Previous by thread: Re: Another shadow question
Next by thread: Re: Re^2: Another shadow question
Index(es):
- Date
- Thread