Bug 20344 - The installer should rely on /etc/libuser.conf to decide which password encryption to use
Status: NEW
Alias: None
Product: Mageia
Classification: Unclassified
Component: Installer
Version: Cauldron
Hardware: All Linux
Priority: Low enhancement
Target Milestone: ---
Assignee: Mageia tools maintainers
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-02-24 15:23 CET by Frédéric "LpSolit" Buclin
Modified: 2017-02-28 19:45 CET
CC: 2 users

See Also:
Source RPM:
CVE:
Status comment:


Attachments

Description Frédéric "LpSolit" Buclin 2017-02-24 15:23:40 CET
Currently, the password encryption is defined in 4 different places:

/lib/libDrakX/install/install2.pm, used by the installer when creating the root and user accounts:

  authentication => { sha512 => 1, shadow => 1 }


/lib/libDrakX/authentication.pm twice, the first one via /etc/pam.d/system-auth (for adduserdrake) and the second one hardcoded (as a fallback method):

  sub get() {
    my $system_auth = cat_("/etc/pam.d/system-auth");
    ...

  sub user_crypted_passwd {
    my ($u, $authentication) = @_;
    ...
    # Default to sha512
    $authentication = { sha512 => 1 } unless $authentication;


and /etc/libuser.conf (for drakuser):

  crypt_style = sha512


IMHO, and unless I'm missing something important, they should all rely on a single source to determine which encryption to use, probably /etc/libuser.conf. The fact that the installer, drakuser and adduserdrake use 3 different sources is totally confusing and prone to inconsistencies, see e.g. bug 20342.
Marja Van Waes 2017-02-24 20:00:30 CET

CC: (none) => marja11
Assignee: bugsquad => mageiatools

Marja Van Waes 2017-02-24 20:01:01 CET

See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=20342

Ulrich Beckmann 2017-02-28 12:39:18 CET

CC: (none) => bequimao.de

Comment 1 Ulrich Beckmann 2017-02-28 12:50:28 CET
sha512 seems to be a bad choice, since most Linux distributions use blowfish.

Added see also #18986. Kwallet-pam uses blowfish, and thus 'single sign on' is no longer possible with a wrong hash. As kwallet-pam seems to be broken anyway, I could not verify this relationship.

Also, I do not know how gnome-keyring works.

Ulrich

See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=18986

Comment 2 Frédéric "LpSolit" Buclin 2017-02-28 13:13:59 CET
(In reply to Ulrich Beckmann from comment #1)
> sha512 seems to be a bad choice, since most Linux distributions use
> blowfish. 

I installed and tested Linux Mint and OpenSUSE, and they both use SHA-512. SHA-512 is not a bad choice, it's just different from blowfish. The advantage of blowfish is that it's slower than SHA-512, on purpose. But this is not the topic of this bug. :)
Comment 3 Ulrich Beckmann 2017-02-28 19:45:23 CET
(In reply to Frédéric Buclin from comment #2)

> I installed and tested Linux Mint and OpenSUSE, and they both use SHA-512.
> SHA-512 is not a bad choice, it's just different from blowfish. The
> advantage of blowfish is that it's slower than SHA-512, on purpose. But this
> is not the topic of this bug. :)

You are right. My assumption and test in https://bugs.mageia.org/show_bug.cgi?id=18986#c9 is invalid.

You should add # passwd to your list of applications. I found that passwd could change the encryption method.

Ulrich
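The inconsistency the report describes (three tools reading three different sources for the hash algorithm) and the point in comment 3 (passwd, via PAM, can silently change which algorithm new hashes use) can both be caught with a small audit that compares the configured crypt style in /etc/libuser.conf with the pam_unix password options in /etc/pam.d/system-auth, and then classifies the hashes actually stored in /etc/shadow by their crypt(3) prefix. The script below is an added example for this bug page, not code from Mageia or libDrakX; the configuration fragments and shadow lines in it are constructed samples so it runs offline, and the file paths are the ones named in the report. Real files can be passed to audit() in place of the samples.

```python
import re

# Constructed sample inputs (not from any real system): the two configuration
# sources named in the report, plus /etc/shadow-style lines to check against.
LIBUSER_CONF = """\
[defaults]
crypt_style = sha512
"""

PAM_SYSTEM_AUTH = """\
#%PAM-1.0
auth        required      pam_unix.so nullok
password    required      pam_unix.so use_authtok blowfish shadow
"""

SHADOW_LINES = """\
root:$6$saltsalt$hashhashhash:17000:0:99999:7:::
alice:$2y$10$saltsaltsaltsaltsaltsOhashhashhashhash:17000:0:99999:7:::
bob:$1$salt$hash:17000:0:99999:7:::
"""

# Style names accepted by libuser's crypt_style and by pam_unix's password options.
KNOWN_STYLES = {"des", "md5", "blowfish", "sha256", "sha512"}

# crypt(3) hash-identifier prefixes mapped onto the same style names.
HASH_PREFIXES = {
    "$1$": "md5",
    "$2a$": "blowfish",
    "$2b$": "blowfish",
    "$2y$": "blowfish",
    "$5$": "sha256",
    "$6$": "sha512",
}


def libuser_crypt_style(text):
    """Return the crypt_style value from a libuser.conf body, or None if absent."""
    for line in text.splitlines():
        m = re.match(r"\s*crypt_style\s*=\s*(\S+)", line)
        if m:
            return m.group(1).lower()
    return None


def pam_unix_password_style(text):
    """Return the hash style given to pam_unix.so in the 'password' stack.

    'unspecified' means pam_unix.so is present but carries no style option,
    so passwd will fall back to the module's own default, whatever that is
    on the installed Linux-PAM version."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[0] == "password" and parts[2].endswith("pam_unix.so"):
            styles = KNOWN_STYLES.intersection(p.lower() for p in parts[3:])
            return styles.pop() if styles else "unspecified"
    return None


def shadow_hash_style(hash_field):
    """Classify one /etc/shadow password field by its crypt(3) prefix."""
    if not hash_field or hash_field[0] in "!*":
        return "locked"          # no usable hash: locked or disabled account
    for prefix, style in HASH_PREFIXES.items():
        if hash_field.startswith(prefix):
            return style
    return "des" if len(hash_field) == 13 else "unknown"   # classic 13-char DES


def audit(libuser_text, pam_text, shadow_text):
    """Report configuration disagreements and stored hashes that do not match
    the libuser.conf style (the single source the report proposes)."""
    configured = {
        "/etc/libuser.conf": libuser_crypt_style(libuser_text),
        "/etc/pam.d/system-auth": pam_unix_password_style(pam_text),
    }
    findings = []
    if len(set(configured.values())) > 1:
        findings.append("config mismatch: " + ", ".join(f"{k}={v}" for k, v in configured.items()))
    expected = configured["/etc/libuser.conf"]
    for line in shadow_text.splitlines():
        user, hash_field = line.split(":")[:2]
        style = shadow_hash_style(hash_field)
        if style not in ("locked", expected):
            findings.append(f"{user}: stored hash is {style}, expected {expected}")
    return findings


if __name__ == "__main__":
    for finding in audit(LIBUSER_CONF, PAM_SYSTEM_AUTH, SHADOW_LINES):
        print(finding)
```

With the constructed samples the audit reports the libuser/PAM disagreement and two accounts whose stored hashes (bcrypt for alice, MD5 for bob) were produced by a different algorithm than libuser.conf specifies; root's $6$ hash matches and is not reported. Locked accounts are skipped rather than flagged.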
Ulrich Beckmann 2017-02-28 19:45:55 CET

See Also: https://bugs.mageia.org/show_bug.cgi?id=18986 => (none)

