|Summary:||pam fails on empty passwords.|
|Product:||[Retired] Red Hat Linux||Reporter:||Han-Wen Nienhuys <hanwen>|
|Component:||pam||Assignee:||Cristian Gafton <gafton>|
|Status:||CLOSED RAWHIDE||QA Contact:|
|Version:||6.0||CC:||bart.durinck, bgilbert, cg2v, goeran, pahe+redhat-bugzilla, tompermutt|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2000-02-05 20:16:45 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description Han-Wen Nienhuys 1999-05-25 09:32:19 UTC
PAM 0.66-18 does not allow empty password fields in /etc/passwd (as installed out of the box) Logging in does not work, and setting the password also fails.
Comment 1 Dale Lovelace 1999-05-27 21:35:59 UTC
*** Bug 3024 has been marked as a duplicate of this bug. *** It is not possible to log in with a blank password. This is problem if you forget the root password, boot into single user mode and reset the password. I do not use shadow passwords. It seems as if the nullok option from pam_pwdb is ignored.
Comment 2 Benjamin Gilbert 1999-07-18 17:02:59 UTC
Is there a workaround so that users with null passwords can at least log in? Is this going to get fixed?
Comment 3 Göran Uddeborg 1999-07-27 11:17:59 UTC
A workaround is to use shadow passwords.
Comment 4 Michael K. Johnson 1999-08-02 16:16:59 UTC
*** Bug 4060 has been marked as a duplicate of this bug. *** With shadowing turned off, setting a zero-length password seems to corrupt the password data-base. Whether I do it by editing /etc/passwd, or using passwd as root, the user is unable to log on. Furthermore, even if root runs passwd again to set a non-null password, that user remains hosed. ------- Additional Comments From email@example.com 07/30/99 17:10 ------- I cannot reproduce this. Are you using NIS or some other form of authentication besides /etc/passwd? A non-root user cannot set a null password with the passwd command; perhaps the old password is still in force for you? ------- Additional Comments From firstname.lastname@example.org 08/02/99 12:14 ------- OK, 3029 does look like the same report...
Comment 5 bart.durinck 1999-08-04 23:15:59 UTC
Same prob here. The work-around of using shadow passwd is NOK if you have NIS and Sun clients :-( But now for the good news :-) I think I found a fix. It's in pwdb (not pam) I'll submit it in a moment. Thanks to <email@example.com>, his "Re: cannot log in: 6.0 upgrade broke PAM / pwdb" in linux.redhat.install got me on the right track.
Comment 6 Bill Nottingham 1999-10-19 16:13:59 UTC
*** Bug 6085 has been marked as a duplicate of this bug. *** If shadow passwords are not being used on a system, the following things do not seem to work properly 1) logging in if you have an empty password. pam_pwdb reports 'get passwd; pwdb: request not recognized' in syslog 2) changing or deleting the password of an entity that currently does not have a password (either an 'empty password' or 'no password'). passwd reports success, but the contents of /etc/passwd are not changed
Comment 7 Bill Nottingham 2000-02-05 20:16:59 UTC
This should be fixed in the latest pam and pwdb packages in Raw Hide.