Bug 131338 - /usr/bin/passwd locks while waiting for /bin/login to update an expired password
/usr/bin/passwd locks while waiting for /bin/login to update an expired password
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: pam (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Mraz
Jay Turner
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-08-31 04:15 EDT by Creative Computing
Modified: 2015-01-07 19:08 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-12-13 15:49:35 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Creative Computing 2004-08-31 04:15:24 EDT
Description of problem:

When a user has an expired password and they login (we are using
telnet but probably same happens with other types of login)
it will force them to change their password, first thing it does
is ask for their old password once again. If the user does nothing
(or worse, calls support when they see this) the the file
/etc/.pwd.lock is locked and /usr/bin/passwd will hang (even for
root) so no one on the system is able to change any passwords until
this user can be found and booted.

Version-Release number of selected component (if applicable):

  pam-0.75-54
  util-linux-2.11y-31.1

How reproducible:

  consistent

Steps to Reproduce:
1. Enable login via telnet

2. Get a user and make their password expire
     # chage -M 10 crashdummy
     # chage -d 123 crashdummy

3. Login as that user via telnet, stop as soon as you
   see "changing password for crashdummy"

4. Go to a root prompt and change any password
     # passwd whoever
  
Actual results:

   /usr/bin/passwd waits forever before prompting

Expected results:

   /usr/bin/passwd prompts for new password like normal

Additional info:

   I'm pretty sure the offending code is in /lib/security/pam_unix.so
   which should make sure it never holds a lock at the same time as
   waiting for user input. The lock should only be held while
   accessing the password files.
Comment 1 Tomas Mraz 2004-09-08 06:51:31 EDT
Duplicate of bug 75454
Comment 2 Jay Turner 2004-11-27 08:28:06 EST
Fix confirmed with pam-0.75-62.  Throwing into PROD_READY pending the
release of the errata.
Comment 3 John Flanagan 2004-12-13 15:49:35 EST
An errata has been issued which should help the problem 
described in this bug report. This report is therefore being 
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, 
please follow the link below. You may reopen this bug report 
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2004-575.html
Comment 4 John Flanagan 2004-12-21 14:29:19 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2004-551.html

Note You need to log in before you can comment on or make changes to this bug.