'passwd' command adding passwords to '/etc/passwd' not '/etc/shadow'

Hi everyone

I'm trying to setup a samba server on my Linksys WRT1900AC router and I'm currently trying to add some users. Shown below is a 'guest' account I would like to add.

guest:x:100:100:guest:/mnt/sda2/home/guest:/bin/false

However, aftering issuing the command

passwd guest

I opened '/etc/shadow' and there was no listing for the 'guest' user. I went back to the '/etc/passwd' file and the password has inserted itself where the 'x' was.

Could someone tell me what's going on here please?

Many thanks

Will

Have you done the equivalent of adduser or whatever it might be already?

Typically one has to deal with the user and their group in both variants of both the user and group files (though it doesn't look like there is a group-shadow file on OpenWrt, at least at first glance).

Just to add a bit to what @jeff said, the way i've always done it is to add my user in /etc/passwd with something like this -

guest:*:1000:65534:guest:/var:/bin/false

And to issue the password -

smbpasswd -a guest

That should put the password in /etc/samba/smbpasswd, it's from the old wiki but still works for me in 18.06.1.

Sounds like busybox was built without shadow password support.

I did compile the firmware myself. If this is the case that busybox was built without shadow password support where would it be located under make menuconfig?

Entering the / character in menuconfig gives you a search box.

True. That'll be one way of way finding it.

This could possibly help too:

# grep -i shadow .config

This is what I've done so far.

Inside '/etc/passwd' I added a user called John

John:x:1000:100:users:/Media/Buffalo_HDD_1/Homes/John:/bin/false

I have then created a directory 'John' inside the directory

/Media/Buffalo_HDD_1/Homes/

This now becomes

/Media/Buffalo_HDD_1/Homes/John

I then set the ownership to John using

chown John:users /Media/Buffalo_HDD_1/Homes/John

The

ls -la /Media/Buffalo_HDD_1/Homes/John

outputs


root@OpenWrt:~# ls -la /Media/Buffalo_HDD_1/Homes/John
drwxrwxrwx    2 John     users         4096 Jan  3 13:28 .
drwxrwxrwx    3 root     root          4096 Jan  3 13:28 ..

I then did

root@OpenWrt:~# smbpasswd -a John
New SMB password:
Retype new SMB password:
Added user John.

This is my smb.conf

[global]
	netbios name = OpenWrt 
	interfaces = lo br-lan 
	server string = Samba on OpenWrt
	unix charset = UTF-8
	workgroup = OWEN

	## This global parameter allows the Samba admin to limit what interfaces on a machine will serve SMB requests.
	bind interfaces only = yes
	
	## time for inactive connections to-be closed in minutes
	deadtime = 15
	
	## disable core dumps
	enable core files = no
	
	## set security (auto, user, domain, ads)
	security = user
	
	## This parameter controls whether a remote client is allowed or required to use SMB encryption.
	## It has different effects depending on whether the connection uses SMB1 or SMB2 and newer:
    ## If the connection uses SMB1, then this option controls the use of a Samba-specific extension to the SMB protocol introduced in Samba 3.2 that makes use of the Unix extensions.
	## If the connection uses SMB2 or newer, then this option controls the use of the SMB-level encryption that is supported in SMB version 3.0 and above and available in Windows 8 and newer. 
	##(default/auto,desired,required,off)
	smb encrypt = default
	
	## set invalid users
	invalid users = root
	
	## map unknow users to guest
	map to guest = Bad User

	## allow client access to accounts that have null passwords. 
	null passwords = yes
	
	## The old plaintext passdb backend. Some Samba features will not work if this passdb backend is used. (NOTE: enabled for size reasons)
	## (tdbsam,smbpasswd,ldapsam)
	#passdb backend = smbpasswd
	
	## Set location of smbpasswd ('smbd -b' will show default compiled location)
	smb passwd file = /etc/samba/smbpasswd 
	
	## LAN/WAN options (IPTOS_LOWDELAY TCP_NODELAY) WAN (IPTOS_THROUGHPUT)
	socket options = IPTOS_LOWDELAY TCP_NODELAY
	
	## lower CPU useage if supported
	use sendfile = yes
	
	## samba will behave as previous versions of Samba would and will fail the lock request immediately if the lock range cannot be obtained.
	#blocking locks = No
	
	## disable loading of all printcap printers by default (iprint, cups, lpstat)
	load printers = No
	printcap name = /dev/null

	## Enabling this parameter will disable Samba's support for the SPOOLSS set of MS-RPC's.
	disable spoolss = yes
	
	## This parameters controls how printer status information is interpreted on your system.
	## (BSD, AIX, LPRNG, PLP, SYSV, HPUX, QNX, SOFTQ)
	printing = bsd
	
	## Disable that nmbd is acting as a WINS server for unknow netbios names
	#dns proxy = No
	
	## win/unix user mapping backend
	#idmap config * : backend = tdb
	
	## Allows the server name that is advertised through MDNS to be set to the hostname rather than the Samba NETBIOS name.
	## This allows an administrator to make Samba registered MDNS records match the case of the hostname rather than being in all capitals.
	## (netbios, mdns)
	mdns name = mdns
	
	## Clients that only support netbios won't be able to see your samba server when netbios support is disabled.
	#disable netbios = Yes
	
	## Setting this value to no will cause nmbd never to become a local master browser.
	#local master = no

	## (auto, yes) If this is set to yes, on startup, nmbd will force an election, and it will have a slight advantage in winning the election. It is recommended that this parameter is used in conjunction with domain master = yes, so that nmbd can guarantee becoming a domain master. 
	#preferred master = yes

	## (445 139) Specifies which ports the server should listen on for SMB traffic.
	## 139 is netbios/nmbd
	#smb ports = 445 139
	
	## This is a list of files and directories that are neither visible nor accessible.
	## Each entry in the list must be separated by a '/', which allows spaces to be included in the entry. '*' and '?' can be used to specify multiple files or directories as in DOS wildcards.
	veto files = /Thumbs.db/.DS_Store/._.DS_Store/.apdisk/
	
	## If a directory that is to be deleted contains nothing but veto files this deletion will fail unless you also set the delete veto files parameter to yes.
	delete veto files = yes
	
################ Filesystem and creation rules ################
	## reported filesystem type (NTFS,Samba,FAT)
	#fstype = FAT
	
	## Allows a user who has write access to the file (by whatever means, including an ACL permission) to modify the permissions (including ACL) on it.
	#dos filemode = Yes
	
	## file/dir creating rules
	#create mask = 0666
	#directory mask = 0777
	#force group = root
	#force user = root
	#inherit owner = windows and unix
################################################################

######### Dynamic written config options #########

	disable netbios = yes

This is my '/etc/config/samba4'

config samba
	option description 'Samba on OpenWrt'
	option charset 'UTF-8'
	option workgroup 'OWEN'
	option macos '0'
	option name 'OpenWRT'
	option homes '1'

config sambashare
	option name 'test'
	option path '/Media/Buffalo_HDD_1'
	option read_only 'no'
	option users 'John'
	option inherit_owner 'yes'
	option dir_mask '0777'

I added a mapped network drive in Windows 10 and selected the checkbox 'login using different credentials' and I'm unable to login via the new user.

Am I missing something?

Will