Bug 79081
Summary: | pam_smbpass(password comonent) unable to obtain authtok if invoked after pam_unix | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Wenzhuo Zhang <wenzhuo> |
Component: | pam | Assignee: | Tomas Mraz <tmraz> |
Status: | CLOSED WONTFIX | QA Contact: | Jay Turner <jturner> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.2 | CC: | shiva, srevivo, villapla |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i686 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2004-11-17 15:30:08 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Wenzhuo Zhang
2002-12-05 14:02:39 UTC
Working version of system-auth: [root@daisy pam.d]# cat system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required /lib/security/pam_env.so auth requisite /lib/security/pam_unix.so likeauth nullok auth optional /lib/security/pam_smbpass.so migrate #auth required /lib/security/pam_deny.so account required /lib/security/pam_unix.so password required /lib/security/pam_cracklib.so retry=3 type= password optional /lib/security/pam_smbpass.so nullok use_authtok try_first_pass audit password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow try_first_pass password required /lib/security/pam_deny.so session required /lib/security/pam_limits.so session required /lib/security/pam_unix.so If I replace pam_unix.so with pam_pwdb.so, then even the previously broken system-auth configuration works nicely. [root@daisy pam.d]# grep password system-auth password required /lib/security/pam_cracklib.so retry=3 type= password requisite /lib/security/pam_pwdb.so nullok use_authtok md5 shadow try_first_pass password optional /lib/security/pam_smbpass.so nullok use_authtok try_first_pass audit #password required /lib/security/pam_deny.so So I guess pam_unix.so might have a problem. Could you please retry with latest Fedora Core? No response from reporter. Update, for posterity: http://lists.samba.org/archive/samba-technical/2001-July/015339.html According to this post, this is a bug in pam_unix that's fixed in Linux PAM 0.76 and later. |