Hi Folks, Can anyone interpret the following for me? I can't find it referred to in 'man' documentation. Some "user" entries in /etc/passwd have "!!" in the encrypted password field, e.g. sshd:!!:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin rpc:!!:32:32:Portmapper RPC user:/:/sbin/nologin mysql:!!:27:27:MySQL Server:/var/lib/mysql:/bin/bash postgres:!!:26:26:PostgreSQL Server:/var/lib/pgsql:/bin/bash For the acounts which have /sbin/nologin as "shell" I cannot of course gain entry, even from root. On the other hand, for the accounts (mysql, postgres) which have a normal shell, I can 'su' from root without entering a password; while if I try to 'su' from any other user I'm prompted for a password (which of course does not exist). I'm wondering what the full interpretation of the "!!" is. I know about "*" in the encrypted password field: there is no possible password which encrypts fo "*", so such accounts cannot be logged into. I've already found out something (see above) about "!!" accounts, but is there more that I should know? In particular, if I were (as root) to use the 'passwd' command to give a "!!" account a real password, would I be treading on any toes in the system? With thanks, Ted. -------------------------------------------------------------------- E-Mail: (Ted Harding) <ted.harding@nessie.mcc.ac.uk> Fax-to-email: +44 (0)870 094 0861 Date: 06-Jun-07 Time: 11:53:29 ------------------------------ XFMail ------------------------------
Is this not a variant of the x for shadow passwords? JT ----- Original Message ----- From: "Ted Harding" <ted.harding@nessie.mcc.ac.uk> To: <main@lists.alug.org.uk> Sent: Wednesday, June 06, 2007 11:53 AM Subject: [ALUG] "!!" in /etc/passwd
Hi Folks,
Can anyone interpret the following for me? I can't find it referred to in 'man' documentation.
Some "user" entries in /etc/passwd have "!!" in the encrypted password field, e.g.
sshd:!!:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin rpc:!!:32:32:Portmapper RPC user:/:/sbin/nologin
mysql:!!:27:27:MySQL Server:/var/lib/mysql:/bin/bash postgres:!!:26:26:PostgreSQL Server:/var/lib/pgsql:/bin/bash
For the acounts which have /sbin/nologin as "shell" I cannot of course gain entry, even from root.
On the other hand, for the accounts (mysql, postgres) which have a normal shell, I can 'su' from root without entering a password; while if I try to 'su' from any other user I'm prompted for a password (which of course does not exist).
I'm wondering what the full interpretation of the "!!" is. I know about "*" in the encrypted password field: there is no possible password which encrypts fo "*", so such accounts cannot be logged into.
I've already found out something (see above) about "!!" accounts, but is there more that I should know?
In particular, if I were (as root) to use the 'passwd' command to give a "!!" account a real password, would I be treading on any toes in the system?
With thanks, Ted.
-------------------------------------------------------------------- E-Mail: (Ted Harding) <ted.harding@nessie.mcc.ac.uk> Fax-to-email: +44 (0)870 094 0861 Date: 06-Jun-07 Time: 11:53:29 ------------------------------ XFMail ------------------------------
_______________________________________________ main@lists.alug.org.uk http://www.alug.org.uk/ http://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!
Hi Ted, This may help. http://www.ncsa.uiuc.edu/UserInfo/Resources/Hardware/IBMp690/IBM/usr/share/m... (Ted Harding) wrote:
Hi Folks,
Can anyone interpret the following for me? I can't find it referred to in 'man' documentation.
Some "user" entries in /etc/passwd have "!!" in the encrypted password field, e.g.
sshd:!!:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin rpc:!!:32:32:Portmapper RPC user:/:/sbin/nologin
mysql:!!:27:27:MySQL Server:/var/lib/mysql:/bin/bash postgres:!!:26:26:PostgreSQL Server:/var/lib/pgsql:/bin/bash
For the acounts which have /sbin/nologin as "shell" I cannot of course gain entry, even from root.
On the other hand, for the accounts (mysql, postgres) which have a normal shell, I can 'su' from root without entering a password; while if I try to 'su' from any other user I'm prompted for a password (which of course does not exist).
I'm wondering what the full interpretation of the "!!" is. I know about "*" in the encrypted password field: there is no possible password which encrypts fo "*", so such accounts cannot be logged into.
I've already found out something (see above) about "!!" accounts, but is there more that I should know?
In particular, if I were (as root) to use the 'passwd' command to give a "!!" account a real password, would I be treading on any toes in the system?
With thanks, Ted.
-------------------------------------------------------------------- E-Mail: (Ted Harding) <ted.harding@nessie.mcc.ac.uk> Fax-to-email: +44 (0)870 094 0861 Date: 06-Jun-07 Time: 11:53:29 ------------------------------ XFMail ------------------------------
_______________________________________________ main@lists.alug.org.uk http://www.alug.org.uk/ http://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!
-- --------------------------------------- Stuart Bailey BSc (hons) CEng CITP MBCS LinuSoft Ltd. (Managing Director) Linux Specialist (0845) 6583563 http://www.linusoft.co.uk ----------------------------------------
On Wed, Jun 06, 2007 at 11:53:31AM +0100, Ted Harding wrote:
Hi Folks,
Can anyone interpret the following for me? I can't find it referred to in 'man' documentation.
Some "user" entries in /etc/passwd have "!!" in the encrypted password field, e.g.
sshd:!!:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin rpc:!!:32:32:Portmapper RPC user:/:/sbin/nologin
mysql:!!:27:27:MySQL Server:/var/lib/mysql:/bin/bash postgres:!!:26:26:PostgreSQL Server:/var/lib/pgsql:/bin/bash
For the acounts which have /sbin/nologin as "shell" I cannot of course gain entry, even from root.
Yes you can... su - username -s /bin/bash Which overrides the shell from the passwd file.
On the other hand, for the accounts (mysql, postgres) which have a normal shell, I can 'su' from root without entering a password; while if I try to 'su' from any other user I'm prompted for a password (which of course does not exist).
I'm wondering what the full interpretation of the "!!" is. I know about "*" in the encrypted password field: there is no possible password which encrypts fo "*", so such accounts cannot be logged into.
! is quite common, I've not seen !! - but generally anything that can *not* be generated by crypt in there would mean it's an account without password.
I've already found out something (see above) about "!!" accounts, but is there more that I should know?
In particular, if I were (as root) to use the 'passwd' command to give a "!!" account a real password, would I be treading on any toes in the system?
The system won't care - but you'd be compromising security a bit... if you often need to run commands as that user consider using: sudo -u username command And setting up sudo so that you can run commands as that user. Thanks, -- Brett Parker
Hello Aren't !! listed accounts system accounts (or system daemon accounts)? Rgds Von On 06/06/07, Brett Parker <iDunno@sommitrealweird.co.uk> wrote:
On Wed, Jun 06, 2007 at 11:53:31AM +0100, Ted Harding wrote:
Hi Folks,
Can anyone interpret the following for me? I can't find it referred to in 'man' documentation.
Some "user" entries in /etc/passwd have "!!" in the encrypted password field, e.g.
sshd:!!:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin rpc:!!:32:32:Portmapper RPC user:/:/sbin/nologin
mysql:!!:27:27:MySQL Server:/var/lib/mysql:/bin/bash postgres:!!:26:26:PostgreSQL Server:/var/lib/pgsql:/bin/bash
For the acounts which have /sbin/nologin as "shell" I cannot of course gain entry, even from root.
Yes you can...
su - username -s /bin/bash
Which overrides the shell from the passwd file.
On the other hand, for the accounts (mysql, postgres) which have a normal shell, I can 'su' from root without entering a password; while if I try to 'su' from any other user I'm prompted for a password (which of course does not exist).
I'm wondering what the full interpretation of the "!!" is. I know about "*" in the encrypted password field: there is no possible password which encrypts fo "*", so such accounts cannot be logged into.
! is quite common, I've not seen !! - but generally anything that can *not* be generated by crypt in there would mean it's an account without password.
I've already found out something (see above) about "!!" accounts, but is there more that I should know?
In particular, if I were (as root) to use the 'passwd' command to give a "!!" account a real password, would I be treading on any toes in the system?
The system won't care - but you'd be compromising security a bit... if you often need to run commands as that user consider using: sudo -u username command
And setting up sudo so that you can run commands as that user.
Thanks, -- Brett Parker
_______________________________________________ main@lists.alug.org.uk http://www.alug.org.uk/ http://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!
-- Yvonne Everett Email: ye103910@googlemail.com
participants (5)
-
Brett Parker -
James Taylor -
Stuart Bailey -
ted.harding@nessie.mcc.ac.uk -
Yvonne Everett