Red Hat Bugzilla – Bug 344
/usr/bin/passwd segfaults when using non-pwdb pam modules
Last modified: 2008-05-01 11:37:48 EDT
When using pam modules for naming services or authentication
databases not directly supported by pwdb (such as LDAP) the
passwd command will segfault. This is due to pwdb subverting
standard UNIX system calls that should be handled by the
Nameservice Switch (NSS) module (ie getpwuid, getpwnam).
Thus when a nameservice/pam module not known to pwdb is used
passwd.c (line 76) 'user' gets a null pointer and the
following strdup call causes a segmentation fault.
pwdb needs a rewrite to be able to deal with that situation.
A future version of pwdb will use the nss modules for perorming the
user lookups. For now, using other modules is not supported. And for
things like ldap one will need a special passwd program anyway.