Forum: Cfengine Help Subject: Re: We need +1 function, shadowexists() to complement userexists() and groupexists() Author: Seva Gluschenko Link to topic: https://cfengine.com/forum/read.php?3,21315,21321#msg-21321
Such a "safety feature" looks completely wrong to me. There is number of system users (such as mysql or www) which aren't intended to allow direct logins and so that have something like "!!" or "*" instead of their passwords. Next, a system administrator may decide to block temporarily some user by putting a char in front of crypted password. Finally, there can be a lot of different authentication mechanisms, including LDAP, Radius and private keys, and one could wish to disallow local passwords completely for most users. _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
