Bug 63808

Summary: root password not authenticated after installation
Product: [Retired] Red Hat Linux Reporter: Hial Colburn <hcolburn>
Component: pamAssignee: Tomas Mraz <tmraz>
Status: CLOSED CURRENTRELEASE QA Contact: Aaron Brown <abrown>
Severity: medium Docs Contact:
Priority: high    
Version: 7.2CC: martin, m.kokinda
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-10-21 14:11:43 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Comment none

Description Hial Colburn 2002-04-18 21:24:07 UTC 
Created attachment 915099 [details]
Comment

(This comment was longer than 65,535 characters and has been moved to an attachment by Red Hat Bugzilla).
Comment 1 Havoc Pennington 2002-04-18 22:58:30 UTC 
If "su" doesn't work I doubt it's a gdm bug. Must be something in how
authentication is being done.
Comment 2 Havoc Pennington 2002-04-28 16:49:00 UTC 
Be sure you're "up2date" on pam and usermode.
Comment 3 Need Real Name 2002-05-15 11:21:08 UTC 
I have this same problem (also on an IBM Netfinity 3000).  I have tried to run 
the pam and usermode but of course you need to be root to do so - at least I 
get errors on dependencies when I try to run the rpm's.  Has this bug been 
resolved?

Koke
Comment 4 Hial Colburn 2002-08-15 13:14:08 UTC 
I think I finally figured out what was happening...

During the installation, I de-selected MD5 and shadow password authentication, 
but then I entered a 9-digit root password.  The installer accepted this and 
pressed on.  As I understand MD5 (which is very little), passwords are limited 
to 8 characters or less.

Once I rebooted the box into single user mode and ran authconfig to turn on MD5 
and shadow, changed the root password and rebooted, I could login as root.

It seems to me that if you will allow users to NOT use MD5 password 
authentication, you need to perform a check on the number of characters in the  
root password to prevent this problem from occuring.

Hope this helps...
Comment 5 Mark J. Cox 2002-08-16 08:07:29 UTC 
(downgrading from security severity)
Comment 6 Tomas Mraz 2004-10-21 14:10:08 UTC 
*** Bug 63989 has been marked as a duplicate of this bug. ***
Comment 7 Tomas Mraz 2004-10-21 14:11:43 UTC 
This works fine in Fedora Core 2.