Andrew McRory posted to
BUGTRAQ:
Hello,
I believe I’ve found a bug in the installation process of
OpenLinux 2.2 when using the LISA boot disk. During the
installation a temporary passwd file is put on the new file system
containing the user “help” set uid=0 gid=0 and no password. Once
you are prompted to set the root password and default user password
a new passwd and shadow file is created yet the help user is left
in the shadow file with, you guessed it, no password… Here are
the offending entries:/etc/passwd
help:x:0:0:install help user:/:/bin/bash/etc/shadow
help::10709:0:365:7:7::Anyone who installed OpenLinux 2.2 using the LISA boot disk
should check their password file now 😉I found this using a cdrom I made from a mirror of the mirror at
ftp.tux.org. Just to make sure I wasn’t mixed up I redownloaded the
install.144 file from ftp.calderasystems.com and tried again. Same
thing. The install disk is version 137 dated 26Mar99 (displayed on
the boot message).I wrote Caldera a message late in the day Friday regarding this
bug but haven’t heard back from anyone. I’ve tried to resist
posting this until I hear back but I really feel people should know
now!!PS: I’m not sure if Lizard, the graphical installation method,
has this problem. It crashes before it does much here…. that’s
why I tried LISA.
Caldera representative, Ralf
Flaxa responded with this:
We are currently checking whether this is a FTP version
only phenomena or not.In any case we will make new (old style) LISA images available
this afternoon (MET). Watch for the 138 images. I’ll post a
follow-up to this mail when they are available.Note that *only* the LISA (old style) install is affected. The
lizard (new style, graphical) install is not affected.To avoid confusion – old style images carry 1xx numbers, new
style images carry 2xx numbers.If you had to use the old style images, the quick fix is to
remove (after installation) the lines starting with “help” from
/etc/passwd and /etc/shadow.