Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 521970 - sys-apps/baselayout: passwd should default to "portage" being locked out
Summary: sys-apps/baselayout: passwd should default to "portage" being locked out
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] baselayout (show other bugs)
Hardware: All Linux
: Normal enhancement (vote)
Assignee: William Hubbs
URL:
Whiteboard:
Keywords:
: 592900 (view as bug list)
Depends on:
Blocks:
 
Reported: 2014-09-02 12:50 UTC by Joakim Tjernlund
Modified: 2016-09-05 00:36 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Joakim Tjernlund 2014-09-02 12:50:21 UTC
Browsing around baselayouts default passwd/group files(/usr/share/baselayout/*)
I noticed that /usr/share/baselayout/shadow lacks the portage user.
This looks like a bug to me?
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2014-09-04 10:30:07 UTC
/usr/share/baselayout/group actually has: portage::250:portage
Comment 2 SpanKY gentoo-dev 2014-11-15 09:51:41 UTC
being in shadow implies the acct should have a password set & logged in.  instead, let's change the "x" to "!" for the portage acct.
Comment 3 Joakim Tjernlund 2014-11-16 10:43:19 UTC
(In reply to SpanKY from comment #2)
> being in shadow implies the acct should have a password set & logged in. 
> instead, let's change the "x" to "!" for the portage acct.

This differs from every other user, they are in shadow with a !/* instead.
Would it not be better to follow the same pattern here?
Comment 4 SpanKY gentoo-dev 2014-11-16 17:30:17 UTC
(In reply to Joakim Tjernlund from comment #3)

i'm aware of what we do with other accts, but i don't see why it'd make any difference at all to be consistent
Comment 5 Joakim Tjernlund 2014-11-17 08:23:18 UTC
(In reply to SpanKY from comment #4)
> (In reply to Joakim Tjernlund from comment #3)
> 
> i'm aware of what we do with other accts, but i don't see why it'd make any
> difference at all to be consistent

It is just odd that this user does not do what any other user does.

The one reason I can think of is to hide information. Having all
users in shadow makes it a little bit harder for an atacker to break in
as he/she cannot know whether an account is locked etc. beforehand.

Anyhow, I don't feel strongly about this, feel free close this report
Comment 6 William Hubbs gentoo-dev 2016-08-28 16:21:56 UTC
I have made this consistent by adding the portage user to shadow.
This will be in baselayout-2.3. The commit id is 5ee3c95.
Comment 7 Mike Gilbert gentoo-dev 2016-09-05 00:36:25 UTC
*** Bug 592900 has been marked as a duplicate of this bug. ***