Bug 18055
| Summary: | Passwords can't be changed | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Robert B <robertb> |
| Component: | pam | Assignee: | Nalin Dahyabhai <nalin> |
| Status: | CLOSED RAWHIDE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | high | ||
| Version: | 7.0 | CC: | ylitvin |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | i686 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2000-10-05 00:35:58 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Robert B
2000-10-02 05:39:00 UTC
What are the contents of your /etc/pam.d/system-auth file? # cat system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth sufficient /lib/security/pam_unix.so likeauth nullok md5 shadow auth required /lib/security/pam_deny.so account sufficient /lib/security/pam_unix.so account required /lib/security/pam_deny.so password required /lib/security/pam_cracklib.so retry=3 password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow password required /lib/security/pam_deny.so session required /lib/security/pam_unix.so I've just checked here and can't duplicate this on my fresh-installed machine. What are the contents of /etc/pam.d/passwd and the versions of the passwd and pam packages you have installed? # cat /etc/pam.d/passwd #%PAM-1.0 auth required /lib/security/pam_stack.so service=system-auth account required /lib/security/pam_stack.so service=system-auth password required /lib/security/pam_stack.so service=system-auth # rpm -qa|egrep -i "pam|passwd" pam-0.72-26 passwd-0.64.1-4 Maybe I should also note that I don't have a shadow password file, just the standard /etc/passwd. Can't change the password on freshly installed system (Dell Inspiron 3800). Choices during install: Graphic, Custom, user was created during install $ passwd Changing password for blah (current) UNIX password: passwd: Authentication token manipulation error $ I've added another user after install, su'ed to it and couldn't change the password either. I have a freshly installed 7.0 box, created user during install... no problems. using shadowed passwords. [root@noc csteele]# passwd csteele Changing password for user csteele New UNIX password: Retype new UNIX password: passwd: all authentication tokens updated successfully Not having a /etc/shadow file appears to be the problem (and a bug in the pam package, since it didn't migrate those settings right). A workaround would be to remove all occurrences of the "shadow" flag from /etc/pam.d/system-auth, or use authconfig to turn shadow on, and then to use it to turn shadow off again. Running authconfig, I discovered that shadow passwords were turned on, even though the system has no /etc/shadow file. I turned it off and am now able to change passwords again. End of bug. Correct migration has been added to versions of the PAM package in the build tree, and it will be fixed in the next Raw Hide snapshot and future releases. *** Bug 27552 has been marked as a duplicate of this bug. *** I also faced the problem of not being able to change the password. Turning on the shadow password using pwconv worked. |