>Number:         14272
>Category:       misc
>Synopsis:       useradd and /etc/security interact poorly
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    misc-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Oct 17 01:56:02 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Sen Nagata
>Release:        1.5.2
>Organization:
>Environment:
>Description:
Suppose a user w/ no password and shell /sbin/nologin is created using
useradd.  e.g. useradd test -s /sbin/nologin.  The password field in /etc/master.passwd for test ends up as multiple asterisks.

/etc/security reports that such users have invalid shells.

>How-To-Repeat:
One way to repeat this problem is to install the qmail package and wait for /etc/security to run.
>Fix:
Perhaps when password-less users are added, the password field should be set to a single asterisk instead of multiple asterisks.
>Release-Note:
>Audit-Trail:
>Unformatted: