First Last Prev Next    This bug is not in your last search results.
Bug 190014 - locally configured /etc/login.defs file was replaced by an update
locally configured /etc/login.defs file was replaced by an update
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: shadow-utils (Show other bugs)
5
All Linux
medium Severity high
: ---
: ---
Assigned To: Peter Vrabec
David Lawrence
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-04-26 13:52 EDT by Bill Petersen
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-05-31 09:00:23 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Bill Petersen 2006-04-26 13:52:06 EDT 
Description of problem:
Installing an 'updated' shadow-utils (4.0.14-16.FC5) (with yum -y update)
replaced a local site configured file (/etc/login.defs) with stronger constraints

Version-Release number of selected component (if applicable):
4.0.14-16.FC5

How reproducible:
always

Steps to Reproduce:
1. yum -y update  or yum -y update  shadow-utils
2.
3.
  
Actual results:
The local /etc/login.defs file had been modified to make the system 'stronger'.
Specifically PASS_MAX_DAYS had been changed to 90 from 99999
PASS_MIN_DAYS had been changed to 7 from 0
PASS_MIN_LEN had been changed to 8 from 5

Expected results:
If the /etc/login.defs file has been modified from the original, don't replace
it.  After my system 'passed inspection' it later failed a security assessment
because the new shadow-utils has weak requirements such as never changing the
password (99999 days) min password length of 5, etc.

Additional info:
Comment 1 Peter Vrabec 2006-05-31 09:00:23 EDT 
I have marked login.defs as noreplace.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.