Description of problem: Options to auth (or authconfig) are ignored, specifically "--enablemd5" and "--enableshadow". Manually running authconfig after the install is successful. Anaconda-ks.cfg shows the following after kickstart install: authconfig auth --enablemd5 --enableshadow It seems to add an additional "authconfig" to the beginning of the line. Using "authconfig" in the kickstart results in "authconfig authconfig ...". After an interactive install, the line in anaconda-ks.cfg is correct: authconfig --enablemd5 --enableshadow Version-Release number of selected component (if applicable): This applies to RHEL 5.5 media (and possibly 5.4). It worked properly for RHEL 5.3 media. How reproducible: Always Steps to Reproduce: 1. Use "auth --enablemd5 --enableshadow" in a kickstart install using RHEL 5.5 2. Check /etc/passwd Actual results: Neither MD5 nor shadow files are enabled. Expected results: MD5 crypted passwords in a shadow file.
Can you attach /tmp/anaconda.log and /tmp/syslog to this bug report?
Created attachment 415748 [details] Anaconda log
Created attachment 415749 [details] Anaconda's syslog
Created attachment 415750 [details] anaconda-ks.cfg generated during install
Created attachment 415751 [details] Original kickstart used to install server
I added 4 files. The anaconda.log and syslog as requested. I did not see anything that would be problematic in there, so I think the issue may be in parsing the kickstart initially. The other two files are the kickstart used for the install, and the kickstart generated by anaconda during the install. Please let me know if you need anything else.
Does it work correctly if you remove the leading spaces from the lines with commands on them (lines 9 through 30)?
I removed the leading spaces from the kickstart and the resulting install was properly configured for shadowing passwords. I never thought to try that since the other commands (and all of them previously) were working fine.
The authconfig command in kickstart is special. It's just a pass through to the authconfig program. Whatever arguments you specify get passed along as one big line. That way, there's no need to worry with quoting or other unusual shell possibilities. As a result of how this is implemented internally, the leading spaces don't get removed and we attempt to run "authconfig auth --enablemd5 --enableshadow". Obviously, that doesn't work so the authconfig program bails out and your machine is not set up correctly. If you're interested in the code, check out how the authconfig command is handled: http://git.fedoraproject.org/git/?p=pykickstart.git;a=blob;f=pykickstart/parser.py;hb=refs/heads/rhel5-branch#l306 self.ksdata.authconfig will get passed entirely to the authconfig command. And then self._line is set here: http://git.fedoraproject.org/git/?p=pykickstart.git;a=blob;f=pykickstart/parser.py;hb=refs/heads/rhel5-branch#l1206 As you can see, it's the raw and unprocessed line complete with leading spaces. The block in doAuthconfig is meant to skip over the leading "auth" because it doesn't expect there to be any leading space. This only affects the authconfig command, and only in RHEL5. It's fixed in RHEL6. If you require a fix in RHEL5 for some reason, please talk to a support representative so we can work on scheduling a fix for the pykickstart package. Otherwise, just un-indent the commands in your kickstart file or wait for RHEL6.