man-pages/man-pages-2.48-passwd.patch
2007-05-11 08:49:44 +00:00

25 lines
1.1 KiB
Diff

--- man-pages-2.48/man5/passwd.5.pom 2007-04-13 00:42:49.000000000 +0200
+++ man-pages-2.48/man5/passwd.5 2007-05-11 10:33:22.000000000 +0200
@@ -46,11 +46,20 @@
basic assumption used to be that of a friendly user-community.
These days many people run some version of the shadow password suite, where
.I /etc/passwd
-has asterisks (*) instead of encrypted passwords,
+has "x" instead of encrypted passwords,
and the encrypted passwords are in
.I /etc/shadow
which is readable by the superuser only.
.PP
+If the encrypted password, whether in /etc/passwd or in /etc/shadow, is
+an empty string, login is allowed without even asking for a password.
+Note that this functionality may be intentionally disabled in applications,
+or configurable (for example using the "nullok" or "nonull" arguments to
+pam_unix.so).
+.PP
+If the encrypted password in /etc/passwd is "*NP*" (without the quotes),
+the shadow record should be obtained from a NIS+ server.
+.PP
Regardless of whether shadow passwords are used, many sysadmins
use an asterisk in the encrypted password field to make sure
that this user can not authenticate him- or herself using a