-
Notifications
You must be signed in to change notification settings - Fork 223
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SHA_CRYPT_{MIN/MAX}_ROUNDS vs. SHA_ROUNDS_DEFAULT #393
Comments
ernibert
changed the title
SHA_CRYPT_{MIN/MAX}_ROUNDS misinterpreted
SHA_CRYPT_{MIN/MAX}_ROUNDS vs. SHA_ROUNDS_DEFAULT
Jul 26, 2021
floppym
added a commit
to floppym/shadow
that referenced
this issue
Aug 14, 2021
If SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS are both unspecified, use SHA_ROUNDS_DEFAULT. Previously, the code fell through, calling shadow_random(-1, -1). This ultimately set rounds = (unsigned long) -1, which ends up being a very large number! This then got capped to SHA_ROUNDS_MAX later in the function. The new behavior matches BCRYPT_get_salt_rounds(). Bug: https://bugs.gentoo.org/808195 Fixes: shadow-maint#393
halstead
pushed a commit
to openembedded/openembedded-core
that referenced
this issue
Aug 16, 2021
Backport a patch [1] to fix chpasswd, gpasswd and passwd "hang" for several minutes (10-20min) at 100% cpu usage though they finally terminate successfully. [1] shadow-maint/shadow#393 Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
halstead
pushed a commit
to openembedded/openembedded-core
that referenced
this issue
Aug 16, 2021
Backport a patch [1] to fix chpasswd, gpasswd and passwd "hang" for several minutes (10-20min) at 100% cpu usage though they finally terminate successfully. [1] shadow-maint/shadow#393 Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
kraj
pushed a commit
to YoeDistro/poky-old
that referenced
this issue
Aug 16, 2021
Backport a patch [1] to fix chpasswd, gpasswd and passwd "hang" for several minutes (10-20min) at 100% cpu usage though they finally terminate successfully. [1] shadow-maint/shadow#393 (From OE-Core rev: 6ec2b1806d2a1a2df2d763ae0db5ea1cdaa738d7) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
halstead
pushed a commit
to openembedded/openembedded-core
that referenced
this issue
Aug 16, 2021
Backport a patch [1] to fix chpasswd, gpasswd and passwd "hang" for several minutes (10-20min) at 100% cpu usage though they finally terminate successfully. [1] shadow-maint/shadow#393 Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
kraj
pushed a commit
to YoeDistro/poky-old
that referenced
this issue
Aug 16, 2021
Backport a patch [1] to fix chpasswd, gpasswd and passwd "hang" for several minutes (10-20min) at 100% cpu usage though they finally terminate successfully. [1] shadow-maint/shadow#393 (From OE-Core rev: 3fc1c689eb6753bf97b9b661cc7fe5cfc9e32144) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
kraj
pushed a commit
to YoeDistro/openembedded-core
that referenced
this issue
Aug 16, 2021
Backport a patch [1] to fix chpasswd, gpasswd and passwd "hang" for several minutes (10-20min) at 100% cpu usage though they finally terminate successfully. [1] shadow-maint/shadow#393 Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
kraj
pushed a commit
to YoeDistro/openembedded-core
that referenced
this issue
Aug 17, 2021
Backport a patch [1] to fix chpasswd, gpasswd and passwd "hang" for several minutes (10-20min) at 100% cpu usage though they finally terminate successfully. [1] shadow-maint/shadow#393 Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
halstead
pushed a commit
to openembedded/openembedded-core
that referenced
this issue
Aug 17, 2021
Backport a patch [1] to fix chpasswd, gpasswd and passwd "hang" for several minutes (10-20min) at 100% cpu usage though they finally terminate successfully. [1] shadow-maint/shadow#393 Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
seambot
pushed a commit
to seamapi/poky
that referenced
this issue
Aug 17, 2021
Backport a patch [1] to fix chpasswd, gpasswd and passwd "hang" for several minutes (10-20min) at 100% cpu usage though they finally terminate successfully. [1] shadow-maint/shadow#393 (From OE-Core rev: ad8c62f988017e1e4da1f5ed7fb6f4a5ce44844e) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
daregit
pushed a commit
to daregit/yocto-combined
that referenced
this issue
May 22, 2024
Backport a patch [1] to fix chpasswd, gpasswd and passwd "hang" for several minutes (10-20min) at 100% cpu usage though they finally terminate successfully. [1] shadow-maint/shadow#393 (From OE-Core rev: ad8c62f988017e1e4da1f5ed7fb6f4a5ce44844e) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
daregit
pushed a commit
to daregit/yocto-combined
that referenced
this issue
May 22, 2024
Backport a patch [1] to fix chpasswd, gpasswd and passwd "hang" for several minutes (10-20min) at 100% cpu usage though they finally terminate successfully. [1] shadow-maint/shadow#393 (From OE-Core rev: ad8c62f988017e1e4da1f5ed7fb6f4a5ce44844e) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Issue:
chpasswd and passwd "hang" for several minutes (10-20min) at 100% cpu usage (while they finally terminate successfully).
System:
newly built Linux system with shadows installed by configure/make/make install. SHA_CRYPT_{MIN/MAX}_ROUNDS are unset out in /etc/login.defs.
Cause:
Looks like the passwords are hashed somehow using the maximum value of encryption rounds (999999999) as the resulting password line in /etc/shadow shows:
root:$6$rounds=999999999$yBrrL1jQHN.00...iWC.:18834:0:99999:7:::
Solution:
I'm not sure if i got it all right - but this tweak made chpasswd/passwd working again:
The text was updated successfully, but these errors were encountered: