Bug 55383 – root password can't be changed

Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.

Bug 55383 - root password can't be changed

Summary:	root password can't be changed

Status:	CLOSED DUPLICATE of bug 43915

Aliases:	None

Product:	Red Hat Linux
Classification:	Retired
Component:	passwd (Show other bugs)
Sub Component:
Version:	7.2
Hardware:	i686 Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Tomas Mraz
QA Contact:	Aaron Brown
Docs Contact:

URL:
Whiteboard:
Keywords:

Duplicates:	55615 (view as bug list)
Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2001-10-30 12:22 EST by Ed Friedman
Modified:	2007-04-18 12:37 EDT (History)
CC List:	4 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2005-03-24 13:44:57 EST
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Ed Friedman 2001-10-30 12:22:36 EST

From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.4.3-12 i686)

Description of problem:
Using a full install of 7.2, with shadow passwords and MD5 enabled, and
running NIS from a Solaris server, it is impossible to change the root
password.   Even though files comes before nis in the /etc/nsswitch.conf
file, the passwd command tries to change the password on the NIS server,
which is not permitted when you are trying to change the root password.  
Using the linuxconf change root password GUI also resulted in the same
error message.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.turn on NIS, shadow passwords, MD5
2.as root issue the passwd command
3.observe the error message from the NIS server telling you that the
password has not been changed
	

Actual Results:  RPC: Can't encode arguments
The password has not been changed on tachyon.uchicago.edu.
passwd: Failed preliminary check by password service


Expected Results:  The password for root should have been changed on the
local machine only.

Additional info:

Comment 1 Joshua Buysse 2001-11-14 14:18:46 EST

*** Bug 55615 has been marked as a duplicate of this bug. ***

Comment 2 Joshua Buysse 2001-11-14 14:19:39 EST

*** Bug 43915 has been marked as a duplicate of this bug. ***

Comment 3 Nalin Dahyabhai 2002-02-14 16:17:32 EST

Do you have a root account in NIS in addition to the one defined in the local files?

Comment 4 Ed Friedman 2002-02-14 16:29:53 EST

Yes, the NIS database does have an entry listed for root.  However, the
nsswitch.conf is saying to search the local files before looking at the NIS
database.

Comment 5 Nalin Dahyabhai 2002-02-14 16:37:01 EST

I really would consider this a configuration error -- enumeration of the passwd
database (for example, by running "getent passwd") will show two accounts for
root, with two passwords, but only one of them will ever work.  This is because
the function for reading a single passwd record only returns a single result.

As a workaround, removing "nis" from the line in /etc/pam.d/system-auth which
includes use of pam_unix for changing passwords will prevent pam_unix from
attempting to change passwords on the NIS server.

This happens because the function which looks up a user's information doesn't
tell pam_unix where the information came from, so pam_unix checks both NIS and
local files to figure out which entry to change, and it appears to be hitting on
the wrong data source.

Comment 6 Gerald Teschl 2002-02-14 17:37:50 EST

No, here we don't have an entry for root in NIS. Moreover, here it
is not at all related to the root account and both client/server
run rh 7.2. Probably #43915 is not a duplicate of this bug after all!?

Comment 7 Tomas Mraz 2005-03-24 13:44:57 EST

It should be duplicate of bug 43915 however regarding comment #6 - if it still
happens to you on a current RHEL/Fedora releases please write it here.


*** This bug has been marked as a duplicate of 43915 ***

Note You need to log in before you can comment on or make changes to this bug.