Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. OpenSSH>
  3. Bugs
[Bug 695] Cannot change password in PAM NIS+ environment
bugzilla-daemon at mindrot
Sep 21, 2003, 8:54 AM
Post #1 of 2 (546 views)
Permalink
http://bugzilla.mindrot.org/show_bug.cgi?id=695

Summary: Cannot change password in PAM NIS+ environment
Product: Portable OpenSSH
Version: 3.7.1p1
Platform: UltraSparc
OS/Version: Solaris
Status: NEW
Severity: major
Priority: P2
Component: PAM support
AssignedTo: openssh-bugs@mindrot.org
ReportedBy: paul.a.bolton@bt.com


When their password expires, NIS+ users are prompted to change their password.
Upon entering the correct creds the session terminates and the password is not
changed. Typically a "Permission denied" or "NIS+ system error" is generated.
Either normal "telnet" connections or password resets by administrators are
required in order to allow the user to log in successfully.

In session.c do_pam_chauthtok() is a) called before do_pam_setcred(), and b)
do_pam_chauthtok() does not set the real UID to the target user. (effective
stays as UID=0).

If these changes are made, the credential update works for both NIS+ and local
accounts.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 695] Cannot change password in PAM NIS+ environment [ In reply to ]
bugzilla-daemon at mindrot
Sep 21, 2003, 11:54 PM
Post #2 of 2 (528 views)
Permalink
http://bugzilla.mindrot.org/show_bug.cgi?id=695





------- Additional Comments From paul.a.bolton@bt.com 2003-09-22 17:54 -------
... although it still does not work with logons to the root master. Seem to be
getting a "corrupted window" when negotiating with rpc.nispasswdd.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal