- From: "Jason J. W. Williams" <
>
- To:
- Subject: [chef] Re: Re: Re: Re: Re: Re: Removing root's password results in 'ruby-shadow not installed' error.
- Date: Tue, 3 May 2011 20:13:17 -0600
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=SOY/F9QEgitdK/edEmMg37eX1YkhsaUZnMxq9pBuzijCofvOYgeS23lDn09DUnyzYm E/kEz2mYKJu+YgKS0lR8lr9ACgPC9yMMYk2xUEEpyQ/vUvJEWIUX7ZYEL7KPw4OHt1VZ sNYqJ8q7yErmdBZ0xOaR1Y2WtTJ3FVUh8vwFc=
>
Are you install Chef from gems or debs?
Debs.
>
I suppose you could set the password to "*" using the password
>
attribute. Since we're normally writing directly to this field through
>
the shadow library, that may work.
Setting the password attribute to "*" is what appears to trigger the
issue. Locking the account works fine though.
>
Please keep in mind that neither of these options prevent login to an
>
account on Linux, they only prohibit login using a password. Often
>
people disable root login via ssh in the sshd_config and delete other
>
users when they are no longer needed. Alternately you could expire the
>
account (chage -E 1 user)
Root login is also disabled in sshd_config. The goal is to prevent
login with a password to the root account. If a privileged user
becomes root that's acceptable. Just getting rid of direct
password-based login to the account.
Thank you for your help.
-J
[chef] Re: Removing root's password results in 'ruby-shadow not installed' error., Jay Buffington, 05/03/2011
[chef] Re: Removing root's password results in 'ruby-shadow not installed' error., Ian Marlier, 05/03/2011
[chef] Re: Removing root's password results in 'ruby-shadow not installed' error., Bryan McLellan, 05/03/2011
Archive powered by MHonArc 2.6.16.