From Bugzilla Helper: User-Agent: Mozilla/4.78 [en] (X11; U; Linux 2.4.9-21 i686) Description of problem: when /etc/shadow has immutable bit changing password reports success, while actually the old password is still in effect. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. # chattr +i /etc/shadow 2. $ passwd 3.Changing password for user (current) UNIX password: New UNIX password: Retype new UNIX password: passwd: all authentication tokens updated successfully Actual Results: -rw------- 1 root root 1186 Aug 2 10:47 /etc/shadow It is now Mon Nov 11 13:28:28 CET 2002, so shadow is not updated. Expected Results: shadow file is immutable, passwd should report failure. Additional info: passwd-0.64.1-4
Almost 2 years for a security related bug in RedHat Linux???
Taking.
Tomas, I think the pam_unix_passwd.c should be responsible for that.
Fixed in rawhide.
*** Bug 136369 has been marked as a duplicate of this bug. ***
Reopening as I want to fix that for RHEL3 too.
This bug is still here # rpm -q pam pam-0.75-62 # cat /etc/redhat-release Red Hat Enterprise Linux ES release 3 (Taroon Update 4) # chattr +i /etc/shadow # lsattr shadow ----i-------- shadow # ls -l shadow -rw------- 1 root root 1691 Jan 5 21:39 shadow # passwd bas Changing password for user bas. New password: Retype new password: passwd: all authentication tokens updated successfully. # tail -1 shadow bas:$1$ezz3juFV$DPfWBCHMFbEQStj0Q4fRT/:12788:0:99999:7::: # ls -l shadow -rw------- 1 root root 1691 Jan 5 21:39 shadow # # chattr -i /etc/shadow # passwd bas Changing password for user bas. New password: Retype new password: passwd: all authentication tokens updated successfully. # # ls -l shadow -rw------- 1 root root 1691 Jan 5 21:42 shadow # rpm -q pam pam-0.75-62 # cat /etc/redhat-release Red Hat Enterprise Linux ES release 3 (Taroon Update 4)
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2005-064.html
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2005-062.html