Bug 1160261

Summary: Please backport the upstream shadow.aug
Product: Red Hat Enterprise Linux 6 Reporter: Pino Toscano <ptoscano>
Component: augeasAssignee: Dominic Cleal <dcleal>
Status: CLOSED ERRATA QA Contact: Virtualization Bugs <virt-bugs>
Severity: low Docs Contact:
Priority: medium    
Version: 6.6CC: dcleal, huzhan, leiwang, virt-bugs, wshi
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: augeas-1.0.0-8.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1145249 Environment:
Last Closed: 2015-07-22 05:41:00 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1145249    
Bug Blocks: 1138630    

Description Pino Toscano 2014-11-04 13:24:31 UTC 
+++ This bug was initially created as a clone of Bug #1145249 +++

Description of problem:
Since few weeks (development release 1.27.38), libguestfs uses a copy of the upstream shadow.aug lens to properly edit /etc/shadow, like editing password fields or removing users.
We did that (carrying a copy) because this lens is pretty new ([1][2]), and it is not part of any upstream release.

Thus, it would be nice if the Augeas in RHEL 7.1 could provide a backport of it, which would ease our implementation a bit (especially because libguestds 1.27.x/1.28.x is in RHEL 7.1).

[1] https://github.com/hercules-team/augeas/commit/03f24b24ed13fb1d01717a9247bf8a2cea5f0b71
[2] https://github.com/hercules-team/augeas/commit/b6090f1782e6093666f60d60ad7d79fd488cc8d0

Version-Release number of selected component (if applicable):
1.1.0-15.el7

----------------------------------------

In RHEL 6.x the virt-sysprep situation is simplier (we don't carry a shadow.aug there), the code is doing only:

          (* XXX Augeas doesn't yet have a lens for /etc/shadow, so the
           * next line currently does nothing, but should start to
           * work in a future version.
           *)
          g#aug_rm (sprintf "/files/etc/shadow/%s" username);

So backporting shadow.aug to RHEL 6 should make this work automatically (and fix bug 1138630, which will require just a version bump).
Comment 2 Hu Zhang 2015-03-03 09:51:10 UTC 
Steps to verify:

1. #find /usr/share/augeas/lenses -name shadow.aug 
/usr/share/augeas/lenses/dist/shadow.aug

2. #augtool print /augeas/files/etc/shadow
/augeas/files/etc/shadow
/augeas/files/etc/shadow/path = "/files/etc/shadow"
/augeas/files/etc/shadow/mtime = "1411777873"
/augeas/files/etc/shadow/lens = "@Shadow"
/augeas/files/etc/shadow/lens/info = "/usr/share/augeas/lenses/dist/shadow.aug:66.17-.40:"

3. #augtool print /files/etc/shadow
/files/etc/shadow
/files/etc/shadow/root
/files/etc/shadow/root/password = "$1$pDj5hfT7$SKwmFsQdYEnyCJ5qKphwE1"
/files/etc/shadow/root/lastchange_date = "16338"
/files/etc/shadow/root/minage_days = "0"
/files/etc/shadow/root/maxage_days = "99999"
/files/etc/shadow/root/warn_days = "7"
/files/etc/shadow/root/inactive_days = ""
/files/etc/shadow/root/expire_date = ""
/files/etc/shadow/root/flag = ""
/files/etc/shadow/bin
[...]

No parse error returned.
So verified.
Comment 4 errata-xmlrpc 2015-07-22 05:41:00 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-1256.html