David C. Rankin (2010-03-01 17:03): > On 03/01/2010 12:32 PM, jwbirdsong wrote: > >> Quick Question: > >> > >> How do we change group information while this bug is there? Do we > >> disable pam > >> or do we just edit /etc/group in the interim? > >> > >> > > Patch shadow your self w/ aforementioned gentoo patch. works fine > > after building w/ the patch. > > Will do, > > In the interim, and I know there will be howls against doing it, but I simply > edited /etc/passwd and /etc/group and set the gid to what I needed. Worked fine. > /etc/shadow doesn't appear to hold any group information so I think I found all > the needed files. Right now it is just a one user system and subsequent to the > gid change, I added the group that needed the gid with groupadd and it worked > like a champ. Anybody see any "you just broke this -- stupid..." issues? Most probably, editing /etc/group and ignoring /etc/gshadow won't break anything if you're not using group passwords (are these used by anybody?). But I would keep /etc/group and /etc/gshadow synchronized anyway. You can use /usr/sbin/vigr to edit these files by hand. If you have a working cron, you might get an e-mail telling you about problems. Try to run this as root (and look at the file contents): $ /etc/cron.daily/shadow
