Bug 592432 - password checking fails (ssh works)
Summary: password checking fails (ssh works)
Status: CLOSED DUPLICATE of bug 590199
Alias: None
Product: Fedora
Classification: Fedora
Component: nss
Version: 12
Hardware: i686
OS: Linux
Target Milestone: ---
Assignee: Kai Engert (:kaie) (inactive account)
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2010-05-14 20:26 UTC by Hal Murray
Modified: 2010-05-17 21:45 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2010-05-17 15:52:27 UTC
Type: ---

Attachments (Terms of Use)

Description Hal Murray 2010-05-14 20:26:04 UTC
Description of problem:
  Password checking fails.  su says:
    su: incorrect password
  login gives a similar message but I don't have a sample handy.
  login via ssh works.

Version-Release number of selected component (if applicable):
It broke after a yum-update.  From /var/log/messages:
May  8 04:14:34 mini-mon yum: Updated: perl-Digest-HMAC-1.02-1.fc12.noarch
May  8 04:14:36 mini-mon yum: Updated: perl-URI-1.54-1.fc12.noarch
May  8 04:14:36 mini-mon yum: Updated: libblkid-2.16.2-9.fc12.i686
May  8 04:14:37 mini-mon yum: Updated: nss-softokn-freebl-3.12.4-17.fc12.i686
May  8 04:14:38 mini-mon yum: Updated: nss-softokn-3.12.4-17.fc12.i686
May  8 04:14:44 mini-mon yum: Updated: util-linux-ng-2.16.2-9.fc12.i686
May  8 04:14:44 mini-mon yum: Updated: nss-softokn-devel-3.12.4-17.fc12.i686

How reproducible:
  I'm not sure.

  I have 2 Fedora 12 systems.

  I encountered the problem on the first system. I recovered using
  a rescue CD and installing RPMs pulled from the net with versions
  matching what was working on the other system.  (I wasn't smart
  enough to use yum downgrade.)

  I hit the same problem on the second system.  This time I was
  careful to check (from another window) before closing the su-ed window.
  downgrading util-linux-ng, libuuid, and libblkid fixed things.
  Then it worked after upgrading again.   ???

  I just tried upgrading the first system.  It failed again.
  downgrading util-linux-ng, libuuid, libblkid didn't fix it.
  downgrading nss-softokn, nss-softokn-devel, and nss-softokn-freebl
  did fix it.

Steps to Reproduce:
1. yum upgrade

Actual results:
  su: incorrect password

Expected results:
  [root@xxx yyy]#

Additional info:
  Both of these systems were updated from older versions of Fedora.
  I remember troubles with the update process, but was a long time
  ago so I have forgotten any details.  There is a chance that that
  something was broken but both systems were working as expected
  until this problem showed up.

  I'll be happy to try things or collect more data if that will help.

  Sorry this is so fuzzy.

Comment 1 Karel Zak 2010-05-17 09:59:59 UTC
I see only one relation between 'login' and 'su': PAM.

Comment 2 Tomas Mraz 2010-05-17 10:15:37 UTC
Note that PAM was not touched at all. I highly suspect nss_softtoken to be the culprit. It is called by glibc to compute the password hashes.

Comment 3 Tomas Mraz 2010-05-17 10:16:41 UTC
Also the by the ssh working you mean ssh authentication with public keys? Or ssh password based authentication?

Comment 4 Elio Maldonado Batiz 2010-05-17 15:48:33 UTC
(In reply to comment #2)  your suspissions are well justified, see Bug 590199.
nss-softokn-3.12.4-19 has a patch to address this problem. It's currently on updates testing. I have requested a push to stable.

Comment 5 Tomas Mraz 2010-05-17 15:52:27 UTC

*** This bug has been marked as a duplicate of bug 590199 ***

Comment 6 Hal Murray 2010-05-17 21:45:49 UTC
> Also the by the ssh working you mean ssh authentication with public keys? Or
> ssh password based authentication? 

Yes, I meant ssh using public keys worked.  (Sorry I wasn't clear.)

Note You need to log in before you can comment on or make changes to this bug.