Bug 191390 - Line feeds when password needs changing with rlogin
Line feeds when password needs changing with rlogin
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: rsh (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Adam Tkac
Ben Levenson
:
Depends On:
Blocks: 190430 212183
  Show dependency treegraph
 
Reported: 2006-05-11 11:30 EDT by Bastien Nocera
Modified: 2013-04-30 19:34 EDT (History)
6 users (show)

See Also:
Fixed In Version: RHBA-2007-0410
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-06-11 14:46:04 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Bastien Nocera 2006-05-11 11:30:06 EDT
pam_passwdqc seems to have the same bug as rsh, in its conversation messages.

The reproducer steps are the same except that you need to have:
password    required      /lib/security/$ISA/pam_passwdqc.so
min=disabled,disabled,disabled,8,8 max=22 passphrase=0 match=4 similar=deny
retry=5 random=0

in your /etc/pam.d/system-auth

+++ This bug was initially created as a clone of Bug #178916 +++

1. Create a new user, and set the new user's password
2. Run chage to force the user's password to be updated (Maximum Password Age to
"1", and Last Password Change to 2 days before today)
3. Install rsh-server

4. chkconfig rlogin on
5. Try to rlogin to this machine as that user

$ rlogin -l testuser amd64
connect to address 172.16.10.230: Connection refused
Trying krb4 rlogin...
connect to address 172.16.10.230: Connection refused
trying normal rlogin (/usr/bin/rlogin)
Password:
You are required to change your password immediately (password aged)
                                                                   Changing
password for testuser
                (current) UNIX password:
<snip>

-- Additional comment from kzak@redhat.com on 2006-01-25 16:08 EST --
You're probably right. There's private PAM_conversation() implementation in the
rlogind and it's without "\n".
Comment 1 Tomas Mraz 2006-05-11 11:41:44 EDT
pam_passwdqc is a separate package but I don't believe this bug is there either.
The reason is that the 'You are required to change your password immediately
(password aged)' message is issued by pam_unix and the EOL character must be
added by the conversation function which is part of the rlogind.
Comment 2 Bastien Nocera 2006-05-11 11:51:05 EDT
Actually, it works with:
password    requisite     /lib/security/$ISA/pam_cracklib.so retry=3
in the system-auth file, but not with pam_passwdqc as explained above.
Comment 19 Red Hat Bugzilla 2007-06-11 14:46:04 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2007-0410.html

Note You need to log in before you can comment on or make changes to this bug.