This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
Bug 55011 - Couldn't login after RH7.2 upgrade - editing a pam file fixed it
Couldn't login after RH7.2 upgrade - editing a pam file fixed it
Status: CLOSED DUPLICATE of bug 54443
Product: Red Hat Linux
Classification: Retired
Component: pam (Show other bugs)
7.2
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Aaron Brown
:
: 55106 55356 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-10-24 06:26 EDT by dg
Modified: 2007-04-18 12:37 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-10-31 15:26:03 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description dg 2001-10-24 06:26:57 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.5) Gecko/20011012

Description of problem:
After upgrading my machine (on an NIS domain) to RH7.2 I couldn't login -
just got a bad password message; this was login, gdm, and ssh.  Some people
could, some people couldn't.  I could login as the local Root.

After suggestions by a friend that 'pam_unix.so' was now deprecated I
changed in the file /etc/pam.d/system-auth:

auth        sufficient    /lib/security/pam_unix.so likeauth nullok

to

auth        sufficient    /lib/security/pam_pwdb.so likeauth nullok

and all is peachy.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Erm well it could be the 7.2 upgrade that kicked it
2.Try to login
3.
	

Additional info:
Comment 1 Need Real Name 2001-10-24 16:26:57 EDT
I've got the same problem, and the same solution seemed to work for me.  I wasn't
able to login at all, I had to start up in single user mode to modify the
system-auth file.
Comment 2 Andreas J. Bathe 2001-10-25 05:30:50 EDT
did you have the !character within your password? i did and had the same
problem, after changing the password without !, I got into - same with gdm and
login via nis.
Comment 3 dg 2001-10-25 05:44:16 EDT
Nope; mine is pure mixed case english alphabetic
Comment 4 Andreas J. Bathe 2001-10-25 06:02:24 EDT
puuh, that's strange, but you're right: I tested some passwords with ! and some
did it and some didn't.
Was just an idea...
Comment 5 Jim Radford 2001-10-25 18:13:07 EDT
I verified that the problem is only with passwords greater than 8 characters in
length.  Specifically bigcrypt is being called by default instead of the normal
crypt function.  It seems that bigcrypt is supposed to be an option, but it is
somenow now the default.
Comment 6 Jim Radford 2001-10-25 18:35:20 EDT
--- pam-0.75/modules/pam_unix/support.c.orig    Thu Oct 25 15:24:53 2001
+++ pam-0.75/modules/pam_unix/support.c Thu Oct 25 15:24:56 2001
@@ -705,7 +705,11 @@
                                                break;
                                        }
                                }
-                               pp = bigcrypt(p, salt);
+                                if (off(UNIX_BIGCRYPT, ctrl)) {
+                                  pp = crypt(p, salt);
+                                } else {
+                                  pp = bigcrypt(p, salt);
+                                }
                        }
                        p = NULL;               /* no longer needed here */
 
Comment 7 Need Real Name 2001-10-25 19:04:56 EDT
That is not the full story. My username is 7 lower case alphas followed by 
a '2'. When I cloned my passwd line but removed the 2 (ie, kept my uid, 
password, shell, etc all the same) I was able to log in. 

My password does exceed 8 characters, but the bug is user name sensitive too. 
It looks like there is a bug in bigcrypt, which is sensitive to user name, 
rather than bigcrypt being totally hosed.
Comment 8 dg 2001-10-26 04:21:42 EDT
Hmm - my password is larger than 8 characters so that could be it. (My username
is just dg)
Comment 9 Need Real Name 2001-10-28 03:02:50 EST
I was able to fix it by downgrading pam to the version shipped with 7.1.  There
is definitely a 
bug in this latest version of pam, when used with NIS.
Comment 10 Julian C. Dunn 2001-10-28 23:22:58 EST
It has nothing to do with NIS. I am experiencing the same problem on a machine
where NIS is turned off, and the same fix corrected the problem.
Comment 11 Nalin Dahyabhai 2001-10-31 15:19:02 EST
This is a problem with conventionally-encrypted passwords, and it's just showing
up more on systems with NIS.  A bug-fix errata for this will be going out shortly.
Comment 12 Nalin Dahyabhai 2001-10-31 15:20:58 EST
*** Bug 55356 has been marked as a duplicate of this bug. ***
Comment 13 Nalin Dahyabhai 2001-10-31 15:25:54 EST
Oops, this one's actually a dupe of #54443.
Comment 14 Nalin Dahyabhai 2001-10-31 15:27:37 EST

*** This bug has been marked as a duplicate of 54443 ***
Comment 15 Nalin Dahyabhai 2002-01-18 16:55:10 EST
*** Bug 55106 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.