Description of problem: In the Xen context, I have created images for virtualization using yum to groupinstall base, etc. Upon instantiation, shadow passwords are not used. pwconv must be used to convert to shadow passwords Version-Release number of selected component (if applicable): 4.0.17-10.fc6 How reproducible: Always Steps to Reproduce: 1.yum --installroot=/mnt/fc6image groupinstall base (and others) 2.chroot /mnt/fc6image /usr/sbin/useradd abc -p blah_encrypted_blah_blah 3./mnt/fc6image/etc/shadow does not exist Actual results: Shadow does not exist, password in passwd Expected results: passwd contains :x: and shadow contains the password Additional info: Fix is to use pwconv. For this unsuspecting (like me before I found out), this can be a flaw waiting to be exploited.
shadow-utils doesn't use /etc/shadow, because it doesn't exit. # rpm -qf /etc/shadow setup-2.5.58-1.el5 Phil, do you know something about this?
Installing a guest using yum will by default use the most basic and default configuration for it (resp. it will be completely unconfigured). And an unconfigured system will by default not use /etc/shadow. So this is expected and intended behaviour. Using a proper installer (like anaconda) to setup up guest or by running firstboot after doing it with yum will result in a proper set up guest. Read ya, Phil