Back to bug 1401432
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Tomas Dolezal | 2016-12-06 16:33:05 UTC | CC | todoleza | |
| Akshay Sakure | 2016-12-20 22:06:58 UTC | CC | asakure | |
| Petr Kubat | 2016-12-21 07:28:46 UTC | Flags | needinfo?(asakure) | |
| Petr Kubat | 2017-01-04 07:16:53 UTC | Status | NEW | ASSIGNED |
| Flags | needinfo?(asakure) | |||
| Honza Horak | 2017-01-10 15:18:28 UTC | Blocks | 1380359 | |
| Honza Horak | 2017-01-13 16:45:11 UTC | Blocks | 1393868 | |
| Petr Kubat | 2017-01-17 10:57:52 UTC | Keywords | Patch | |
| Petr Kubat | 2017-01-20 13:16:58 UTC | Status | ASSIGNED | MODIFIED |
| errata-xmlrpc | 2017-01-20 13:18:58 UTC | Status | MODIFIED | ON_QA |
| Petr Kubat | 2017-01-20 13:37:01 UTC | Doc Text | Cause: When using passwd.adjunct map on a NIS server, yppasswd tries to use the "##user" string contained inside the password file in place of a regular password as salt. A similar problem arises when the NIS server is using a password file that is not merged with the shadow file, since yppasswd tries to use "x" string as salt. Consequence: yppasswd command fails with a "crypt() failed" error. Fix: We have ported a patch from Fedora to fix these two issues. Result: yppasswd not changes the password as expected and does not try to use either of the problematic strings as salt. | |
| Doc Type | If docs needed, set a value | Release Note | ||
| Vaclav Danek | 2017-02-15 14:08:16 UTC | QA Contact | qe-baseos-daemons | vdanek |
| Honza Horak | 2017-02-21 17:25:04 UTC | Doc Type | Release Note | Bug Fix |
| Petr Kubat | 2017-02-24 13:44:42 UTC | Fixed In Version | yp-tools-2.14-4.el7 | |
| Petr Kubat | 2017-04-13 06:57:56 UTC | Doc Text | Cause: When using passwd.adjunct map on a NIS server, yppasswd tries to use the "##user" string contained inside the password file in place of a regular password as salt. A similar problem arises when the NIS server is using a password file that is not merged with the shadow file, since yppasswd tries to use "x" string as salt. Consequence: yppasswd command fails with a "crypt() failed" error. Fix: We have ported a patch from Fedora to fix these two issues. Result: yppasswd not changes the password as expected and does not try to use either of the problematic strings as salt. | Cause: When using passwd.adjunct map on a NIS server, yppasswd tries to use the "##user" string contained inside the password file in place of a regular password as salt. A similar problem arises when the NIS server is using a password file that is not merged with the shadow file, since yppasswd tries to use "x" string as salt. Consequence: yppasswd command fails with a "crypt() failed" error. Fix: We have ported a patch from Fedora to fix these two issues. Result: yppasswd changes the password as expected and does not try to use either of the problematic strings as salt. |
| Doc Type | Bug Fix | Release Note | ||
| Lenka Špačková | 2017-04-27 18:43:31 UTC | Docs Contact | mjahoda | |
| Mirek Jahoda | 2017-04-28 12:05:04 UTC | Docs Contact | mjahoda | vslavik |
| Vladimír Slávik | 2017-05-11 17:03:40 UTC | Doc Text | Cause: When using passwd.adjunct map on a NIS server, yppasswd tries to use the "##user" string contained inside the password file in place of a regular password as salt. A similar problem arises when the NIS server is using a password file that is not merged with the shadow file, since yppasswd tries to use "x" string as salt. Consequence: yppasswd command fails with a "crypt() failed" error. Fix: We have ported a patch from Fedora to fix these two issues. Result: yppasswd changes the password as expected and does not try to use either of the problematic strings as salt. | *yppasswd* no longer tries to use wrong strings as salt The *yppasswd* utility failed with message `crypt() failed` due to using a wrong string instead of salt in two cases: * When using `passwd.adjunct` map on a Network Information System server, *yppasswd* used string `"##user"`. * When using a password file not merged with the shadow file on a NIS server, *yppasswd* used string `"x"`. Both problems have been corrected in the *yppasswd* code. *yppasswd* no longer uses wrong strings as salt. |
| Flags | needinfo?(pkubat) | |||
| Petr Kubat | 2017-05-12 05:52:16 UTC | Flags | needinfo?(pkubat) | |
| Vladimír Slávik | 2017-05-12 16:01:31 UTC | Doc Text | *yppasswd* no longer tries to use wrong strings as salt The *yppasswd* utility failed with message `crypt() failed` due to using a wrong string instead of salt in two cases: * When using `passwd.adjunct` map on a Network Information System server, *yppasswd* used string `"##user"`. * When using a password file not merged with the shadow file on a NIS server, *yppasswd* used string `"x"`. Both problems have been corrected in the *yppasswd* code. *yppasswd* no longer uses wrong strings as salt. | *yppasswd* no longer crashes when passwords are not present in `/etc/passwd` due to features used on NIS server The *ypasswd* client did not recognize when the Network Information System server used `passwd.adjunct` map or a password file not merged with the shadow file and wrongly used content from `/etc/passwd` file instead of the actual salt. As a consequence, *yppasswd* failed with message "crypt() failed". The *yppasswd* client has been changed to recognize this situation and now delegates the checks to *yppasswdd* daemon on the server. |
| Flags | needinfo?(pkubat) | |||
| Petr Kubat | 2017-05-15 06:31:17 UTC | Flags | needinfo?(pkubat) | |
| Vladimír Slávik | 2017-05-15 16:27:14 UTC | Doc Text | *yppasswd* no longer crashes when passwords are not present in `/etc/passwd` due to features used on NIS server The *ypasswd* client did not recognize when the Network Information System server used `passwd.adjunct` map or a password file not merged with the shadow file and wrongly used content from `/etc/passwd` file instead of the actual salt. As a consequence, *yppasswd* failed with message "crypt() failed". The *yppasswd* client has been changed to recognize this situation and now delegates the checks to *yppasswdd* daemon on the server. | *yppasswd* no longer crashes due to Network Information System security features used The *yppasswd* client used wrong salt because it did not recognize when the user set variable "MERGE_PASSWD=false" in the file `/var/yp/Makefile`, or used the `passwd.adjunct` map. As a consequence, *yppasswd* failed with message "crypt() failed". The *yppasswd* client has been changed to recognize these situations and now delegates the checks to the *yppasswdd* daemon running on the server. |
| Flags | needinfo?(pkubat) | |||
| Petr Kubat | 2017-05-16 08:46:43 UTC | Flags | needinfo?(pkubat) | |
| Vladimír Slávik | 2017-05-16 10:36:17 UTC | Doc Text | *yppasswd* no longer crashes due to Network Information System security features used The *yppasswd* client used wrong salt because it did not recognize when the user set variable "MERGE_PASSWD=false" in the file `/var/yp/Makefile`, or used the `passwd.adjunct` map. As a consequence, *yppasswd* failed with message "crypt() failed". The *yppasswd* client has been changed to recognize these situations and now delegates the checks to the *yppasswdd* daemon running on the server. | *yppasswd* no longer crashes due to Network Information System security features used The *yppasswd* client tried to use a wrong string as salt when checking passwords because it did not recognize when the NIS server was configured to use the `passwd.adjunct` map, or when the variable "MERGE_PASSWD=false" was set in the server's file `/var/yp/Makefile`. As a consequence, *yppasswd* failed with message "crypt() failed". The *yppasswd* client has been changed to recognize these situations and now delegates the checks to the *yppasswdd* daemon running on the server. |
| Vladimír Slávik | 2017-05-16 15:28:58 UTC | Doc Text | *yppasswd* no longer crashes due to Network Information System security features used The *yppasswd* client tried to use a wrong string as salt when checking passwords because it did not recognize when the NIS server was configured to use the `passwd.adjunct` map, or when the variable "MERGE_PASSWD=false" was set in the server's file `/var/yp/Makefile`. As a consequence, *yppasswd* failed with message "crypt() failed". The *yppasswd* client has been changed to recognize these situations and now delegates the checks to the *yppasswdd* daemon running on the server. | *yppasswd* no longer crashes due to Network Information System security features used The *yppasswd* client tried to use a wrong string as salt when checking passwords because it did not recognize when the NIS server was configured to use the `passwd.adjunct` map, or when the variable "MERGE_PASSWD=false" was set in the server's file `/var/yp/Makefile`. As a consequence, *yppasswd* failed with message "crypt() failed". The *yppasswd* client has been changed to recognize these situations and now delegates the checks to the *yppasswdd* daemon running on the server. |
| Doc Type | Release Note | Bug Fix | ||
| Vladimír Slávik | 2017-05-18 10:53:09 UTC | Doc Text | *yppasswd* no longer crashes due to Network Information System security features used The *yppasswd* client tried to use a wrong string as salt when checking passwords because it did not recognize when the NIS server was configured to use the `passwd.adjunct` map, or when the variable "MERGE_PASSWD=false" was set in the server's file `/var/yp/Makefile`. As a consequence, *yppasswd* failed with message "crypt() failed". The *yppasswd* client has been changed to recognize these situations and now delegates the checks to the *yppasswdd* daemon running on the server. | *yppasswd* no longer crashes due to Network Information System security features used The *yppasswd* client tried to use a wrong string as salt when checking passwords because it did not recognize the following situations: * The NIS server was configured to use the `passwd.adjunct` map * The variable "MERGE_PASSWD=false" was set in the NIS server's file `/var/yp/Makefile` As a consequence, *yppasswd* failed with the following error message: "crypt() failed". The *yppasswd* client has been fixed to recognize these situations and now delegates the checks to the *yppasswdd* daemon running on the server. |
| Vaclav Danek | 2017-06-05 13:35:08 UTC | Status | ON_QA | ASSIGNED |
| Ondrej Vasik | 2017-06-05 14:19:21 UTC | CC | ovasik | |
| Petr Kubat | 2017-06-05 14:28:57 UTC | Status | ASSIGNED | MODIFIED |
| errata-xmlrpc | 2017-06-05 14:37:16 UTC | Status | MODIFIED | ON_QA |
| Vaclav Danek | 2017-06-07 07:19:31 UTC | Status | ON_QA | VERIFIED |
| errata-xmlrpc | 2017-08-01 16:14:29 UTC | Status | VERIFIED | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2017-08-01 12:14:29 UTC |
Back to bug 1401432