[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Solaris /etc/shadow editing problems with cfengine 2.1.11

From: Anne Cross
Subject: Solaris /etc/shadow editing problems with cfengine 2.1.11
Date: Thu, 2 Dec 2004 13:23:26 -0500
User-agent: Mutt/

We're running CFengine across our mixed Solaris 8 and 9 environment and 
have been doing so with great success for some time now.  Since I just 
got our patch distribution scripts working, and we were several versions 
behind on CFengine versions, I started upgrading servers to cfengine 

I didn't notice any issues until we built a new solaris 9 server from
scratch, put the new cfengine on it, and it failed to get any of the 
crypted passwords for our default accounts.  It got the entries in 
/etc/password just fine, but not the entries for /etc/shadow.  We 
control those entries like this.

      { /etc/passwd
        SetLine "patch:x:100:1:Patch:/home/patch:/bin/sh"
        AppendIfNoLineMatching "^patch:x:100:.*"


      { /etc/shadow
        SetLine "patch:NP:::::::"
        AppendIfNoLineMatching "^patch:.*"


This works fine through version 2.1.10.

When I take everything out of the config file, and make it so that the
only directives that editfiles: contains are edits to /etc/shadow, it
works in 2.1.11 also.  But only then.

When I run cfagent 2.1.11 in verbose mode against the full config, the
program seems to skip over the /etc/shadow directives in silently, not
even indicating that they're there.  It will edit any other file fine.

Is this a bug or a new feature that I missed somewhere in the 

        -- Anne

Anne Cross
Systems Administrator, Tufts University
"They just tend to lunge at whatever looks interesting to them, write 
 whatever they please, and let the chips fall where they may. So we
 may seem not merely arrogant, but completely unhinged." -- Neal Stephenson 

reply via email to

[Prev in Thread] Current Thread [Next in Thread]