Project

General

Profile

Actions

User story #3435

closed

Password not optional in "User management" technique

Added by Dennis Cabooter almost 11 years ago. Updated about 9 years ago.

Status:
Rejected
Priority:
2
Category:
Techniques
Target version:
UX impact:
Suggestion strength:
User visibility:
Effort required:
Name check:
Fix check:
Regression:

Description

Cfengine tries to set a new line as password, when password is not set in the "User management" technique:

 !! Finished command related to promiser "/bin/echo -e "\n" | /usr/bin/passwd foo" -- an error occurred (returned 10)
Q: ".../bin/echo -e "\": Enter new UNIX password: Retype new UNIX password: passwd: Authentication token manipulation error
 !! Finished command related to promiser "/bin/echo -e "\n" | /usr/bin/passwd bar" -- an error occurred (returned 10)
Q: ".../bin/echo -e "\": Enter new UNIX password: Retype new UNIX password: passwd: Authentication token manipulation error

Related issues 1 (0 open1 closed)

Related to Rudder - User story #3461: Update the userManagement Technique to update /etc/shadow directly (and use hashed passwords)ReleasedMatthieu CERDA2013-04-15Actions
Actions #1

Updated by Nicolas PERRON almost 11 years ago

  • Target version changed from 2.5.2 to 2.5.3
Actions #2

Updated by Vincent MEMBRÉ almost 11 years ago

  • Category set to Techniques
  • Status changed from New to 8
  • Assignee set to Jonathan CLARKE

We should probably add a way to add user without password.

I see two ways to handle this:

  • Add a checkbox to create a user without password.
    The form should not be validated if the field is empty and the checkbox is unchecked
  • Handle the empty case of that field to create a user with an empty password.
Actions #3

Updated by Jonathan CLARKE almost 11 years ago

  • Assignee changed from Jonathan CLARKE to Dennis Cabooter

This brings up the interesting question of what the intent is here. When you define a Directive to create a user without a password, does this mean:
a) Create the user with an empty password, so just typing in the login name lets you log in
b) Create the user but without a password, so that he can't login
c) Something else?

Dennis, what do you think? What was your original use case when using this?

Actions #4

Updated by Jonathan CLARKE almost 11 years ago

Actually, #3461 just introduced a version 2.0 of this Technique, that no longer echoes strings through the passwd command, but instead does the hashing when you enter the password in the web UI (so it is never stored in cleartext). This is available in the 2.6.0 release of Rudder (or will be when it's released later today).

This doesn't fix the bug you describe in version 1.0, but since the code has been replaced in version 2.0 it will no longer apply. We still need to work around this in 1.0.

Actions #5

Updated by Dennis Cabooter almost 11 years ago

My original use case is to create a user with a ssh key. This user doesn't need a password. I propose that, if the password field is left emtpy, a random password will be set for the user.

Actions #6

Updated by Dennis Cabooter almost 11 years ago

I'm using Rudder 2.5 in production, and afaik it is recommended to not use 2.6 in production yet.

Actions #7

Updated by Nicolas PERRON almost 11 years ago

  • Target version changed from 2.5.3 to 2.5.4
Actions #8

Updated by Matthieu CERDA almost 11 years ago

  • Status changed from 8 to In progress
  • Assignee changed from Dennis Cabooter to Matthieu CERDA
  • Priority changed from N/A to 2
Actions #9

Updated by Matthieu CERDA almost 11 years ago

  • Status changed from In progress to 8
  • Assignee deleted (Matthieu CERDA)

I tried to work a bit on this, but this is complicated and I do not currently have the ressources to finish this. It should impact even the old versions (2.3).

Actions #10

Updated by Nicolas PERRON almost 11 years ago

  • Target version changed from 2.5.4 to 2.5.5
Actions #11

Updated by Jonathan CLARKE over 10 years ago

  • Project changed from Rudder to 24
  • Category changed from Techniques to Techniques
Actions #12

Updated by Nicolas PERRON over 10 years ago

  • Target version changed from 2.5.5 to 2.5.6
Actions #13

Updated by Nicolas PERRON over 10 years ago

  • Target version changed from 2.5.6 to 2.4.8

This is not specific to Rudder 2.5, it should happen Rudder 2.4 too. I suppose #3844 will fix this issue even if this is not directly related.

Actions #14

Updated by Nicolas PERRON over 10 years ago

  • Target version changed from 2.4.8 to 2.4.9
Actions #15

Updated by Nicolas PERRON over 10 years ago

  • Target version changed from 2.4.9 to 2.4.10
Actions #16

Updated by Nicolas PERRON over 10 years ago

  • Target version changed from 2.4.10 to 2.4.11
Actions #17

Updated by Nicolas PERRON over 10 years ago

  • Target version changed from 2.4.11 to 2.4.12
Actions #18

Updated by Nicolas PERRON over 10 years ago

  • Target version changed from 2.4.12 to 2.4.13
Actions #19

Updated by Vincent MEMBRÉ about 10 years ago

  • Target version changed from 2.4.13 to 2.6.11

Since 2.4 is not maintained anymore, retargeting to branch 2.6

Actions #20

Updated by Vincent MEMBRÉ about 10 years ago

  • Target version changed from 2.6.11 to 2.6.12
Actions #21

Updated by Vincent MEMBRÉ about 10 years ago

  • Target version changed from 2.6.12 to 2.6.13
Actions #22

Updated by Vincent MEMBRÉ almost 10 years ago

  • Target version changed from 2.6.13 to 2.6.14
Actions #23

Updated by Jonathan CLARKE almost 10 years ago

  • Target version changed from 2.6.14 to 2.6.16
Actions #24

Updated by Jonathan CLARKE almost 10 years ago

  • Target version changed from 2.6.16 to 2.6.17
Actions #25

Updated by Nicolas PERRON over 9 years ago

  • Target version changed from 2.6.17 to 2.6.18
Actions #26

Updated by Matthieu CERDA over 9 years ago

  • Target version changed from 2.6.18 to 2.6.19
Actions #27

Updated by Vincent MEMBRÉ over 9 years ago

  • Target version changed from 2.6.19 to 2.6.20
Actions #28

Updated by François ARMAND about 9 years ago

  • Assignee set to Benoît PECCATTE
  • Target version changed from 2.6.20 to 2.10.10

Benoit, could you take a fresh eye on that one ?

Actions #29

Updated by Vincent MEMBRÉ about 9 years ago

  • Target version changed from 2.10.10 to 2.10.11
Actions #30

Updated by Benoît PECCATTE about 9 years ago

  • Status changed from 8 to Discussion

Still present, but only in technique 1.0

Actions #31

Updated by Benoît PECCATTE about 9 years ago

  • Tracker changed from Bug to User story
  • Status changed from Discussion to Rejected

This ticket is about a feature: adding a user with no password.
It has been implemented in later versions of the technique, so i close it.

Actions #32

Updated by Benoît PECCATTE about 9 years ago

  • Project changed from 24 to Rudder
  • Category changed from Techniques to Techniques
Actions

Also available in: Atom PDF