reproduces with pam-1.1.8-1.fc20.x86_64 as well +++ This bug was initially created as a clone of Bug #1120099 +++ Description of problem: pam segfaults when user wants to reset his password and a line beginning with his username exists in /etc/security/opasswd, however the record doesn't follow expected structure (e.g. accidentally rewrite content of /etc/security/opasswd with contents of /etc/passwd) Version-Release number of selected component (if applicable): pam-1.1.1-17.el6_5.x86_64 How reproducible: Always Steps to Reproduce: 1. add remember=3 to /etc/pam.d/system-auth-ac: # diff /etc/pam.d/system-auth-ac /etc/pam.d/system-auth-ac.bak.2014.07.14 16c16 < password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok remember=3 --- > password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok 2. # useradd test 3. # passwd test 4. mangle /etc/security/opasswd, e.g. # cat /etc/security/opasswd test or # cat /etc/security/opasswd test:x:501:501::/home/test:/bin/bash 5. # su - test 6. $ passwd Actual results: Changing password for user test. Changing password for test. (current) UNIX password: New password: Retype new password: Segmentation fault Expected results: Changing password for user gpedr00. Changing password for gpedr00. (current) UNIX password: New password: Retype new password: passwd: Authentication token manipulation error Additional info: Patch attached, didn't managed to reproduce the segfault with the patch (doesn't necessarily mean it's bulletproof or elegant). Throwing more descripting error message than just general "passwd: Authentication token manipulation error" would be also fine, not only in this case.
pam-1.1.8-2.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/pam-1.1.8-2.fc20
pam-1.1.6-13.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/pam-1.1.6-13.fc19
Package pam-1.1.8-2.fc20: * should fix your issue, * was pushed to the Fedora 20 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing pam-1.1.8-2.fc20' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-16350/pam-1.1.8-2.fc20 then log in and leave karma (feedback).
pam-1.1.8-2.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.