Bug 1032175 - "nope" used as a password hash in /etc/shadow
"nope" used as a password hash in /etc/shadow
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: guest-images (Show other bugs)
x86_64 Linux
high Severity high
: rc
: ---
Assigned To: Joey Boggs
Virtualization Bugs
: ZStream
Depends On:
Blocks: 1045488 1045489 1045490
  Show dependency treegraph
Reported: 2013-11-19 11:30 EST by Jaroslav Henner
Modified: 2014-10-22 14:43 EDT (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2014-10-22 14:43:18 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jaroslav Henner 2013-11-19 11:30:58 EST
Description of problem:
There is a string, considered as a hash of some kind, reading "nope" in the shaddow for root. I think it should rather be "!" to explicitly disable root console login.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. nova boot with root key injected, add floating ip
2. ssh
3. cat /etc/shaddow
4. su cloud-user
   su  # type nope

Actual results:
3) reads
4) Login denied which is OK. It should just be made sure the system is not using any default password.

Expected results:
3) reads 
4) Login still denied

Additional info:
Comment 2 RHEL Product and Program Management 2013-11-22 12:24:26 EST
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Comment 7 yuliu 2014-09-11 02:11:58 EDT

1.check the default shadow file
# virt-cat rhel-guest-image-6.6-20140910.0.x86_64.qcow2 /etc/shadow |grep root

Verified as above.
Comment 9 errata-xmlrpc 2014-10-22 14:43:18 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.