Red Hat Bugzilla – Bug 5005
See bug 3281
Last modified: 2008-05-01 11:37:51 EDT
This bug may be filed as resolved, but the bug itself still
exists. Requiring somebody who is already root to
hand-modify the passwd file to have "!!" for any user who
doesn't already have a password is completely foolish.
Nobody in their right mind wants this kind of restriction.
Bottom line: as root, running passwd on a user should ALWAYS
succeed, replacing ANY existing contents with the new
crypted password. If you want to annoy "enterprise" class
admins, this is a fine way to do it. Not everyone wants to
use whatever your utility is _this particular release_ to
change users' passwords. Especially when wc -l passwd ==
*** Bug 3281 has been marked as a duplicate of this bug. ***
Am I going crazy? I installed Red Hat 6.0 (`Everything'),
all was well, I logged in as root on the console, typed
passwd operator to enable a non-root account, it said
passwd: all authentication tokens updated successfully
but /etc/passwd didn't actually change, the password was
still *. I tried several different passwords.
I did not enable MD5 passwords or NIS+ on the new setup
screen at the end.
This is not peculiar to operator. For example, I just tried
passwd bin (another account with a * password), used
jac:jil! for the password, and /etc/passwd didn't change
despite the success message.
------- Additional Comments From email@example.com 06/05/99 11:12 -------
Change the password field from '*' to '!!' and you will be able to
change the password.
------- Additional Comments From firstname.lastname@example.org 09/08/99 21:17 -------
This is not reasonable. No other unix does anything this stupid. Root
using passwd to change the entry should ALWAYS work, no matter the
existing contents. WHAT THE HELL WERE YOU THINKING?
It will be fixed in the next release. The passwd of the accound does
not change (the account still remains locked), so I fail to see why
this is a Security/High bug.