/etc/login.defs created as /etc/login.defs.rpmnew

Matthew Saltzman mjs at clemson.edu
Thu Jan 7 01:34:37 UTC 2010 

On Thu, 2010-01-07 at 08:29 +1100, Cameron Simpson wrote: 
> On 06Jan2010 09:41, Marcel Rieux <m.z.rieux at gmail.com> wrote:
> | > | > This normally means that /etc/login.defs was not exactly as it was
> | > | > originally installed.
> | > | I didn't change it. Is it possible that a program changed it?
> | > Sure, though I'd imagine unlikely. It might also be a permissions
> | > change; I don't know how picky rpm/yum is about this.
> | 
> | It's chmoded group and user readable, which is not really necessary
> | but doesn't change much, I suppose.
> 
> rpm has some "verify" options. See the VERIFY OPTIONS section of "man
> rpm". Run it against login.defs and see what's different.

$ rpm -qVf /etc/login.defs
...
S.5....T.  c /etc/login.defs
...

$ ls -l /etc/login.defs*
-rw-r--r--. 1 root root 1524 2009-11-29 11:42 /etc/login.defs
-rw-r--r--. 1 root root 1475 2009-11-18 08:51 /etc/login.defs.rpmnew

$ diff /etc/login.defs*
56,57c56,57
< # Use MD5 or DES to encrypt password? Red Hat use MD5 by default.
< MD5_CRYPT_ENAB no
---
> # Use SHA512 to encrypt password.
> ENCRYPT_METHOD SHA512 
59d58
< ENCRYPT_METHOD SHA512

$ rpm -qif /etc/login.defs
Name        : shadow-utils                 Relocations: (not relocatable)
Version     : 4.1.4.2                           Vendor: Fedora Project
Release     : 2.fc12                        Build Date: Wed 18 Nov 2009 09:00:37 AM EST
Install Date: Tue 05 Jan 2010 07:08:49 PM EST      Build Host: x86-5.fedora.phx.redhat.com
Group       : System Environment/Base       Source RPM: shadow-utils-4.1.4.2-2.fc12.src.rpm
Size        : 2700852                          License: BSD and GPLv2+
Signature   : RSA/8, Thu 26 Nov 2009 02:44:54 AM EST, Key ID 9d1cc34857bbccba
Packager    : Fedora Project
URL         : http://pkg-shadow.alioth.debian.org/
Summary     : Utilities for managing accounts and shadow password files

So the "old" version is newer than the "new" version.  I've never
touched that file, so it's not because the old one was changed from the
distribution version (at least not intentionally).

-- 
                Matthew Saltzman

Clemson University Math Sciences
mjs AT clemson DOT edu
http://www.math.clemson.edu/~mjs

More information about the fedora-list mailing list