On Sun, 24 Aug 2003 21:13:48 +0500, rihad <rihad@mail.ru> wrote:

I just upgraded last night and don't have any problems with logins. I
don't have an accounts with empty passwords though.


That's not the right way to do it. The empty password should be in
/etc/shadow if you are using shadow passwords.


That's because there is supposed to be an 'x' in the password field to
indicate shadow passwords are used. No 'x' means to use the passwd file.

As a test I removed the password from one of my accounts. It behaves as
you describe, won't let me login. I think the reason is that the
"nullok" parameter is not set on pam_unix.so in /etc/pam.d/common-auth.

It appears that the update changed the layout of the pam.d directory,
which is probably what caused this to appear now. It looks like they're
moving some of the common stuff into common-* files that get included by
the service files.


--
-| Bob Hauck
-| To Whom You Are Speaking
-| http://www.haucks.org/