Bug 61603

Summary: NIS/YP user login returns account expired error
Product: [Retired] Red Hat Linux Reporter: Joseph Kotran <jkotran>
Component: pamAssignee: Tomas Mraz <tmraz>
Status: CLOSED WONTFIX QA Contact: Aaron Brown <abrown>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.3   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-11-16 12:30:47 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Joseph Kotran 2002-03-22 00:32:51 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.8) Gecko/20020204

Description of problem:
Attempts to login using a NIS/YP account return an error message that states
that the account is expired.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.Configure Red Hat 7.2.92 as a NIS/YP client.
2.Login using a NIS/YP account.


Actual Results:  This is logged in /var/log/secure:

Mar 21 16:20:02 hostname login: User account has expired

Also, the user login is rejected.


Expected Results:  The user should be able to login.


Additional info:

This may or may not be a pam problem.  It could be a ypbind problem.  I suggest
pam, because I executed strace against a login process to record the system
calls that the login process makes when a NIS user login fails.  I noticed in
the output serveral references to pam.

Please note that local user accounts are able to login.

In both cases (NIS and local) I am using shadow password without MD5 encryption.
 No account expiration has been set in either case.  I also tested by setting an
expiration date in the future.  The login still failed.
Comment 1 Michael Redinger 2002-03-23 16:31:19 UTC 
Same here. The same configuration works fine with 7.2.
I'm using plain crypt, no MD5. NIS doesn't use shadow passwords.
Downgrading ypbind to the 7.2 version didn't help.
So I also downgraded to pam-0.75-19 from the 7.2 updates. Still the same message.
I then went back to the original 7.2 version (0.75-14). Now I didn't get account
expired but FAILED LOGIN. However, IIRC this version had pam issues.
Comment 2 Tomas Mraz 2004-10-20 08:20:56 UTC 
This report is too old. Please retest with current Fedora Core releases.
Comment 3 Tomas Mraz 2004-11-16 12:30:47 UTC 
No response.