Bug #5525: User management technique not setting password entry on SLES - Rudder - Issue Tracker

Custom queries

8.1 beta
Bugs triage
My TR
Need technical review
Open bugs (all)
Open bugs (UI - UX)
Open issues 8.0
Open UX defects (all)
Opened by users

Actions

Copy link

Bug #5525

closed

User management technique not setting password entry on SLES

Added by Florian Heigl over 9 years ago. Updated about 7 years ago.

Status:

Rejected

Priority:

N/A

Assignee:

Category:

Techniques

Target version:

3.1.20

Pull Request:

Severity:

Major - prevents use of part of Rudder | no simple workaround

UX impact:

User visibility:

Getting started - demo | first install | level 1 Techniques

Effort required:

Small

Priority:

Name check:

Fix check:

Regression:

Description

I've tested adding a user via the User management technique.

On SLES 11SP3, it adds the user but doesn't update /etc/shadow with a password.
Accordingly, the newly created user cannot SSH in, a pam error is logged.
Once you manually set a password for the user, it is able to log in.

I checked the same technique works against a Debian wheezy VM, adding a user with a password.

I also tried switching the encryption from SHA512 to MD5, no luck.

SLES:
rudderc4:~ # tail -1 /etc/passwd abcdef:x:1001:100:My Test user:/home/some:/usr/bin/ksh rudderc4:~ # tail -1 /etc/shadow abcdef:!:16325:0:99999:7:::

Debian:
well, just the way it should look...

History
Notes
Property changes

Actions

Copy link

Updated by François ARMAND over 9 years ago

Assignee set to Matthieu CERDA

Thanks for that report.
I think Matthieu could know more about that one ?

For information, could you let me know what is you Rudder & Technique version ?

Thanks,

Actions

Copy link

Updated by Florian Heigl over 9 years ago

Hi,

I reinstalled yesterday, so no clipboard :/

Setup I could produce this:

all SLES OS in this Lab SLES11 SP3

techniques sles 2.11.2 (updated, just in case)
server: 2.11.1 (all but techniques)
agent: 2.11.1

I'm expecting to hear about result from the other lab (SLES11SP2 + 2.11.2) pretty soon.
Tbh I doubt it'll be different though :)

Actions

Copy link

Updated by Florian Heigl over 9 years ago

Hi,

I had a very close look at the usermanagement techique. I don't fully understand it, but I noticed the difference between pwoneshot and pweverytime.
After seeing this differentitation I changed the password check policy to "every time" and voila, the password got set.

I think this is a design problem, if the user is added there must be some race condition that misses the update to /etc/shadow.
Later it's not checked any more and so the valid hash is never written to shadow.

I have no idea why it would happen on SLES but not on Debian, but this is what it looks like :)

Actions

Copy link

Updated by François ARMAND over 9 years ago

Assignee changed from Matthieu CERDA to Nicolas CHARLES

Thank you veery much for the deep analysis.
Nicolas, I think you are the best to know what to do next on that case.

Thanks again,

Actions

Copy link

Updated by Benoît PECCATTE almost 9 years ago

Category set to Techniques
Target version set to 2.10.14

Actions

Copy link

Updated by Vincent MEMBRÉ almost 9 years ago

Target version changed from 2.10.14 to 2.10.15

Actions

Copy link

Updated by Vincent MEMBRÉ almost 9 years ago

Target version changed from 2.10.15 to 2.10.16

Actions

Copy link

Updated by Vincent MEMBRÉ over 8 years ago

Target version changed from 2.10.16 to 2.10.17

Actions

Copy link

Updated by Vincent MEMBRÉ over 8 years ago

Target version changed from 2.10.17 to 2.10.18

Actions

Copy link

#10

Updated by Vincent MEMBRÉ over 8 years ago

Target version changed from 2.10.18 to 2.10.19

Actions

Copy link

#11

Updated by Vincent MEMBRÉ over 8 years ago

Target version changed from 2.10.19 to 2.10.20

Actions

Copy link

#12

Updated by Vincent MEMBRÉ over 8 years ago

Target version changed from 2.10.20 to 277

Actions

Copy link

#13

Updated by Vincent MEMBRÉ over 8 years ago

Target version changed from 277 to 2.11.18

Actions

Copy link

#14

Updated by Vincent MEMBRÉ over 8 years ago

Target version changed from 2.11.18 to 2.11.19

Actions

Copy link

#15

Updated by Vincent MEMBRÉ about 8 years ago

Target version changed from 2.11.19 to 2.11.20

Actions

Copy link

#16

Updated by Vincent MEMBRÉ about 8 years ago

Target version changed from 2.11.20 to 2.11.21

Actions

Copy link

#17

Updated by Vincent MEMBRÉ almost 8 years ago

Target version changed from 2.11.21 to 2.11.22

Actions

Copy link

#18

Updated by Vincent MEMBRÉ almost 8 years ago

Target version changed from 2.11.22 to 2.11.23

Actions

Copy link

#19

Updated by Vincent MEMBRÉ over 7 years ago

Target version changed from 2.11.23 to 2.11.24

Actions

Copy link

#20

Updated by Vincent MEMBRÉ over 7 years ago

Target version changed from 2.11.24 to 308

Actions

Copy link

#21

Updated by Vincent MEMBRÉ over 7 years ago

Target version changed from 308 to 3.1.14

Actions

Copy link

#22

Updated by Vincent MEMBRÉ over 7 years ago

Target version changed from 3.1.14 to 3.1.15

Actions

Copy link

#23

Updated by Vincent MEMBRÉ over 7 years ago

Target version changed from 3.1.15 to 3.1.16

Actions

Copy link

#24

Updated by Vincent MEMBRÉ over 7 years ago

Target version changed from 3.1.16 to 3.1.17

Actions

Copy link

#25

Updated by Vincent MEMBRÉ over 7 years ago

Target version changed from 3.1.17 to 3.1.18

Actions

Copy link

#26

Updated by Vincent MEMBRÉ about 7 years ago

Target version changed from 3.1.18 to 3.1.19

Actions

Copy link

#27

Updated by François ARMAND about 7 years ago

Severity set to Major - prevents use of part of Rudder | no simple workaround
User visibility set to Getting started - demo | first install | level 1 Techniques
Effort required set to Small
Priority set to 52

Actions

Copy link

#28

Updated by Vincent MEMBRÉ about 7 years ago

Target version changed from 3.1.19 to 3.1.20

Actions

Copy link

#29

Updated by Jonathan CLARKE about 7 years ago

Assignee deleted (~~Nicolas CHARLES~~)

Actions

Copy link

#30

Updated by Alexis Mousset about 7 years ago

Status changed from New to Rejected

Could not reproduce on 3.1 with SLES11.3, User Management technique in version 7.1.

Rejecting, please reopen if the problem still occurs.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Rudder

Custom queries

Bug #5525

User management technique not setting password entry on SLES

Updated by François ARMAND over 9 years ago

Updated by Florian Heigl over 9 years ago

Updated by Florian Heigl over 9 years ago

Updated by François ARMAND over 9 years ago

Updated by Benoît PECCATTE almost 9 years ago

Updated by Vincent MEMBRÉ almost 9 years ago

Updated by Vincent MEMBRÉ almost 9 years ago

Updated by Vincent MEMBRÉ over 8 years ago

Updated by Vincent MEMBRÉ over 8 years ago

Updated by Vincent MEMBRÉ over 8 years ago

Updated by Vincent MEMBRÉ over 8 years ago

Updated by Vincent MEMBRÉ over 8 years ago

Updated by Vincent MEMBRÉ over 8 years ago

Updated by Vincent MEMBRÉ over 8 years ago

Updated by Vincent MEMBRÉ about 8 years ago

Updated by Vincent MEMBRÉ about 8 years ago

Updated by Vincent MEMBRÉ almost 8 years ago

Updated by Vincent MEMBRÉ almost 8 years ago

Updated by Vincent MEMBRÉ over 7 years ago

Updated by Vincent MEMBRÉ over 7 years ago

Updated by Vincent MEMBRÉ over 7 years ago

Updated by Vincent MEMBRÉ over 7 years ago

Updated by Vincent MEMBRÉ over 7 years ago

Updated by Vincent MEMBRÉ over 7 years ago

Updated by Vincent MEMBRÉ over 7 years ago

Updated by Vincent MEMBRÉ about 7 years ago

Updated by François ARMAND about 7 years ago

Updated by Vincent MEMBRÉ about 7 years ago

Updated by Jonathan CLARKE about 7 years ago

Updated by Alexis Mousset about 7 years ago