[Users] create CT with password
Dietmar Maurer
dietmar at proxmox.com
Tue Nov 11 06:29:04 EST 2008
> On Tue, Nov 11, 2008 at 10:58:46AM +0100, Dietmar Maurer wrote:
> > Is there are real world example where my approach does not work?
>
> I think your approach won't work as is, at least in any tcb-enabled
> system (see http://www.openwall.com/tcb/) for two obvious reasons:
> - file where root shadow entry is stored is not /etc/shadow;
I guess it is possible to detect the file and store the password?
> - password hashing algorithm in the host system and in containers may
> differ (this issue is not specific to tcb).
If I interpret the documentation correct the password includes the
algorithm
used to encode it - so auth will succeed no matter how you
configure pam_unix (hashing algorithm configuration is only used to
store password)
- Dietmar
More information about the Users
mailing list