Summary: | sys-apps/baselayout: passwd should default to "portage" being locked out | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Joakim Tjernlund <joakim.tjernlund> |
Component: | [OLD] baselayout | Assignee: | William Hubbs <williamh> |
Status: | RESOLVED FIXED | ||
Severity: | enhancement | CC: | base-system, gentoo-bugs |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Joakim Tjernlund
2014-09-02 12:50:21 UTC
/usr/share/baselayout/group actually has: portage::250:portage being in shadow implies the acct should have a password set & logged in. instead, let's change the "x" to "!" for the portage acct. (In reply to SpanKY from comment #2) > being in shadow implies the acct should have a password set & logged in. > instead, let's change the "x" to "!" for the portage acct. This differs from every other user, they are in shadow with a !/* instead. Would it not be better to follow the same pattern here? (In reply to Joakim Tjernlund from comment #3) i'm aware of what we do with other accts, but i don't see why it'd make any difference at all to be consistent (In reply to SpanKY from comment #4) > (In reply to Joakim Tjernlund from comment #3) > > i'm aware of what we do with other accts, but i don't see why it'd make any > difference at all to be consistent It is just odd that this user does not do what any other user does. The one reason I can think of is to hide information. Having all users in shadow makes it a little bit harder for an atacker to break in as he/she cannot know whether an account is locked etc. beforehand. Anyhow, I don't feel strongly about this, feel free close this report I have made this consistent by adding the portage user to shadow. This will be in baselayout-2.3. The commit id is 5ee3c95. *** Bug 592900 has been marked as a duplicate of this bug. *** |