55383 – root password can't be changed

Bug 55383 - root password can't be changed

Summary: root password can't be changed

Keywords:
Status:	CLOSED DUPLICATE of bug 43915
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	passwd
Sub Component:
Version:	7.2
Hardware:	i686
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Tomas Mraz
QA Contact:	Aaron Brown
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	55615 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2001-10-30 17:22 UTC by Ed Friedman
Modified:	2007-04-18 16:37 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2005-03-24 18:44:57 UTC
Embargoed:

Attachments	(Terms of Use)

Description Ed Friedman 2001-10-30 17:22:36 UTC

From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.4.3-12 i686)

Description of problem:
Using a full install of 7.2, with shadow passwords and MD5 enabled, and
running NIS from a Solaris server, it is impossible to change the root
password.   Even though files comes before nis in the /etc/nsswitch.conf
file, the passwd command tries to change the password on the NIS server,
which is not permitted when you are trying to change the root password.  
Using the linuxconf change root password GUI also resulted in the same
error message.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.turn on NIS, shadow passwords, MD5
2.as root issue the passwd command
3.observe the error message from the NIS server telling you that the
password has not been changed
	

Actual Results:  RPC: Can't encode arguments
The password has not been changed on tachyon.uchicago.edu.
passwd: Failed preliminary check by password service


Expected Results:  The password for root should have been changed on the
local machine only.

Additional info:

Comment 1 Joshua Buysse 2001-11-14 19:18:46 UTC

*** Bug 55615 has been marked as a duplicate of this bug. ***

Comment 2 Joshua Buysse 2001-11-14 19:19:39 UTC

*** Bug 43915 has been marked as a duplicate of this bug. ***

Comment 3 Nalin Dahyabhai 2002-02-14 21:17:32 UTC

Do you have a root account in NIS in addition to the one defined in the local files?

Comment 4 Ed Friedman 2002-02-14 21:29:53 UTC

Yes, the NIS database does have an entry listed for root.  However, the
nsswitch.conf is saying to search the local files before looking at the NIS
database.

Comment 5 Nalin Dahyabhai 2002-02-14 21:37:01 UTC

I really would consider this a configuration error -- enumeration of the passwd
database (for example, by running "getent passwd") will show two accounts for
root, with two passwords, but only one of them will ever work.  This is because
the function for reading a single passwd record only returns a single result.

As a workaround, removing "nis" from the line in /etc/pam.d/system-auth which
includes use of pam_unix for changing passwords will prevent pam_unix from
attempting to change passwords on the NIS server.

This happens because the function which looks up a user's information doesn't
tell pam_unix where the information came from, so pam_unix checks both NIS and
local files to figure out which entry to change, and it appears to be hitting on
the wrong data source.

Comment 6 Gerald Teschl 2002-02-14 22:37:50 UTC

No, here we don't have an entry for root in NIS. Moreover, here it
is not at all related to the root account and both client/server
run rh 7.2. Probably #43915 is not a duplicate of this bug after all!?

Comment 7 Tomas Mraz 2005-03-24 18:44:57 UTC

It should be duplicate of bug 43915 however regarding comment #6 - if it still
happens to you on a current RHEL/Fedora releases please write it here.


*** This bug has been marked as a duplicate of 43915 ***

Note You need to log in before you can comment on or make changes to this bug.