Eric Martin wrote:
So I just found an odd entry in /etc/passwd on one of my servers:
+::::::
Of course I'm not running tripwire on it so I can't be assured of the last time I edited the file / did anything to edit it. etc/shadow doesn't have the entry but shadow is only checked if the second field is x, right?
I'm running Suse and I've been using yast lately, could that have anything to do with it? I hope it does as I really hope I don't have to run a full audit on the box.
Looks like it's part of NIS/NIS+ configuration: http://www.cyberciti.biz/faq/plus-minus-sign-in-unix-linux-passwd-file/ -- Frank Sweetser fs at wpi.edu | For every problem, there is a solution that WPI Senior Network Engineer | is simple, elegant, and wrong. - HL Mencken GPG fingerprint = 6174 1257 129E 0D21 D8D4 E8A3 8E39 29E3 E2E8 8CEC