[Bug 1323732] Re: adduser should support managing additional password/shadow/group files from libnss-extrausers

[Oliver Grawert]

does nss-altfiles allow us to keep a readonly locked down
/etc/passwd|shadow|group|gshadow ? it is pretty essential that adduser
can not change system accounts that are in one of the above files in our
readonly setup, can nss-altfiles provide such a level of lockdown ?

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to adduser in Ubuntu.
https://bugs.launchpad.net/bugs/1323732

Title:
  adduser should support managing additional password/shadow/group files
  from libnss-extrausers

Status in adduser package in Ubuntu:
  In Progress

Bug description:
  with our readonly system-image setup when adding a user or changing a password using the /etc/{passwd,shadow,group} is not actually possible. 
  we plan to solve this via using libnss-extrausers and patching the config in /etc/nsswitch.conf at image build-time. this way we can make /var/lib/extrausers writable and use passwd,shadow and group from there.

  unfortunately adduser is not able to operate on these files in the
  non-standard location. to set a user password (for having a properly
  working lock screen), add new users or drop the "nopasswordlogin"
  group from the phablet user it needs to learn handling these files so
  that we do not need to use weird hacks to manage users on system-image
  installs.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/adduser/+bug/1323732/+subscriptions