Red Hat Bugzilla – Bug 474832
Cannot set password for a user if not already in shadow password file
Last modified: 2009-02-11 03:40:52 EST
(This might be a bug against PAM rather than the passwd program itself.)
If you add a user by hand to the /etc/passwd and /etc/group files, for whatever reason, then you might expect 'passwd user' to set the password. However, it prompts for the password and then prints
passwd: User not known to the underlying authentication module
You can work around this by adding a dummy line to the shadow password file:
# echo 'user:!!:14202:0:99999:7:::' >>/etc/shadow
However, it would be better if the passwd program were more robust, and seeing that the user is not currently mentioned in /etc/shadow, would add the new line itself.
To reproduce: manually add a user to /etc/passwd. Run 'passwd user'.
Expected result: the usual password prompt then add an entry to /etc/shadow if missing, or update the existing entry in /etc/shadow if present.
Actual result: prompts for password but then fails with 'User not known'.
What was the exact line you added to the /etc/passwd by hand?
pam_unix module does not support creating shadow entries from scratch. You should use the shadow-utils or utils from libuser to create user entries. Or if you need just to add a shadow entry for an user you should call pwconv.