[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Solaris /etc/shadow editing problems with cfengine 2.1.11
From: |
Iain Morgan |
Subject: |
Re: Solaris /etc/shadow editing problems with cfengine 2.1.11 |
Date: |
Thu, 2 Dec 2004 11:07:32 -0800 (PST) |
Since you discovered this issue during a new build, does the problem only
manifest during JumpStart? If so, you might want to confirm that the shadow
file exists when cfengine is running.
I vaguely recall a situation during OS installation (I think it was with
Solaris) where I had to run pwconv to create the shadow file.
On Thu Dec 2 10:23:26 2004, Anne Cross wrote:
>
> We're running CFengine across our mixed Solaris 8 and 9 environment and
> have been doing so with great success for some time now. Since I just
> got our patch distribution scripts working, and we were several versions
> behind on CFengine versions, I started upgrading servers to cfengine
> 2.1.11.
>
> I didn't notice any issues until we built a new solaris 9 server from
> scratch, put the new cfengine on it, and it failed to get any of the
> crypted passwords for our default accounts. It got the entries in
> /etc/password just fine, but not the entries for /etc/shadow. We
> control those entries like this.
>
> editfiles:
> sun4u::
> { /etc/passwd
>
>
> SetLine "patch:x:100:1:Patch:/home/patch:/bin/sh"
> AppendIfNoLineMatching "^patch:x:100:.*"
>
> }
>
> { /etc/shadow
>
> SetLine "patch:NP:::::::"
> AppendIfNoLineMatching "^patch:.*"
>
> }
>
> This works fine through version 2.1.10.
>
> When I take everything out of the config file, and make it so that the
> only directives that editfiles: contains are edits to /etc/shadow, it
> works in 2.1.11 also. But only then.
>
> When I run cfagent 2.1.11 in verbose mode against the full config, the
> program seems to skip over the /etc/shadow directives in silently, not
> even indicating that they're there. It will edit any other file fine.
>
> Is this a bug or a new feature that I missed somewhere in the
> documentation?
>
> -- Anne
>
> Anne Cross
> Systems Administrator, Tufts University
> "They just tend to lunge at whatever looks interesting to them, write
> whatever they please, and let the chips fall where they may. So we
> may seem not merely arrogant, but completely unhinged." -- Neal Stephenson
>
>
> _______________________________________________
> Help-cfengine mailing list
> Help-cfengine@gnu.org
> http://lists.gnu.org/mailman/listinfo/help-cfengine
>
--
Iain Morgan
Re: Solaris /etc/shadow editing problems with cfengine 2.1.11,
Iain Morgan <=