Bug 836620 - Don't use cached_login with pam_winbind for password stack
Summary: Don't use cached_login with pam_winbind for password stack
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: authconfig
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-06-29 16:33 UTC by Stef Walter
Modified: 2012-08-15 14:47 UTC (History)
1 user (show)

Fixed In Version: authconfig-6.2.3-1.fc18
Clone Of:
Environment:
Last Closed: 2012-08-15 12:02:34 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)
Patch which fixes the problem (458 bytes, patch)
2012-06-29 16:33 UTC, Stef Walter
no flags Details | Diff

Description Stef Walter 2012-06-29 16:33:13 UTC
Created attachment 595337 [details]
Patch which fixes the problem

Description of problem:

authconfig adds 'cached_login' to the pam password stack. We shouldn't be using offline cached passwords when changing an AD password.

Version-Release number of selected component (if applicable):

Latest hg

How reproducible:

Every time.

Steps to Reproduce:
1. authconfig --updateall --enablewinbind --enablewinbindauth
  
Actual results:

  password    sufficient    pam_winbind.so cached_login use_auth_tok

Expected results:

  password    sufficient    pam_winbind.so use_auth_tok

Comment 1 Stef Walter 2012-08-15 14:47:57 UTC
Confirmed that this fixed with authconfig-6.2.3


Note You need to log in before you can comment on or make changes to this bug.