Bug 179653 - Authentication token manipulation error
Summary: Authentication token manipulation error
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: passwd
Version: 4.0
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
: ---
Assignee: Tomas Mraz
QA Contact: Mike McLean
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-02-01 21:22 UTC by maurice dalton
Modified: 2007-11-30 22:07 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-02-02 20:27:50 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
requested conf files (10.00 KB, text/plain)
2006-02-02 12:20 UTC, maurice dalton
no flags Details

Description maurice dalton 2006-02-01 21:22:08 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; FunWebProducts; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727)

Description of problem:
Getting authencation error while trying to change password as general user.


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.login
2.passwd
3.enter new passwd
  

Actual Results:  bash-3.00$ passwd
Changing password for user joeuser.
Changing password for joeuser
(current) UNIX password: 
passwd: Authentication token manipulation error

Expected Results:  successful password change

Additional info:

Versions of packages installed


2.6.9-11.ELsmp

pam-0.77-66.5
pam_passwdqc-0.7.5-2
pam_ccreds-1-3
pam-devel-0.77-66.5
pam_smb-1.1.7-5
pam_krb5-2.1.2-1
spamassassin-3.0.4-1.el4

Comment 1 Nalin Dahyabhai 2006-02-01 22:56:37 UTC
Could you please attach the contents of your /etc/pam.d/system-auth file,
/etc/krb5.conf, and /etc/pam_smb.conf files?

Comment 2 maurice dalton 2006-02-02 12:20:58 UTC
Created attachment 124044 [details]
requested conf files

Comment 3 Tomas Mraz 2006-02-02 18:37:47 UTC
More questions - is SELinux enabled? Are there any related messages in
/var/log/messages, /var/log/secure, /var/log/audit.log?


Comment 4 maurice dalton 2006-02-02 18:48:06 UTC
  This messages is from /var/log/messages

Feb  2 12:48:50 sysmgr02 passwd(pam_unix)[22743]: authentication failure; 
logname=root uid=1501 euid=0 tty= ruser= rhost=  user=joeuser

There are no other log messages



dmesg:SELinux:  Initializing.
dmesg:SELinux:  Starting in permissive mode
dmesg:selinux_register_security:  Registering secondary module capability
dmesg:SELinux:  Registering netfilter hooks
dmesg:SELinux:  Disabled at runtime.



    

Comment 5 Tomas Mraz 2006-02-02 20:27:50 UTC
Well it just seems like wrong password has been entered.

If you're asking why the error message was "Authentication token manipulation
error." and not "Authentication error." it's because of limitations of the way
how the PAM modules are set up for password changing. The pam_unix module is
sufficient -> doesn't affect return value if it fails. The return value is
determined by pam_deny which always returns "Authentication token manipulation
error."



Note You need to log in before you can comment on or make changes to this bug.