836620 – Don't use cached_login with pam_winbind for password stack

Bug 836620 - Don't use cached_login with pam_winbind for password stack

Summary: Don't use cached_login with pam_winbind for password stack

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	authconfig
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Tomas Mraz
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-06-29 16:33 UTC by Stef Walter
Modified:	2012-08-15 14:47 UTC (History)
CC List:	1 user (show)
Fixed In Version:	authconfig-6.2.3-1.fc18
Clone Of:
Environment:
Last Closed:	2012-08-15 12:02:34 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
Patch which fixes the problem (458 bytes, patch) 2012-06-29 16:33 UTC, Stef Walter	no flags	Details \| Diff
View All

Description Stef Walter 2012-06-29 16:33:13 UTC

Created attachment 595337 [details]
Patch which fixes the problem

Description of problem:

authconfig adds 'cached_login' to the pam password stack. We shouldn't be using offline cached passwords when changing an AD password.

Version-Release number of selected component (if applicable):

Latest hg

How reproducible:

Every time.

Steps to Reproduce:
1. authconfig --updateall --enablewinbind --enablewinbindauth
  
Actual results:

  password    sufficient    pam_winbind.so cached_login use_auth_tok

Expected results:

  password    sufficient    pam_winbind.so use_auth_tok

Comment 1 Stef Walter 2012-08-15 14:47:57 UTC

Confirmed that this fixed with authconfig-6.2.3

Note You need to log in before you can comment on or make changes to this bug.