Cannot change a local user's password when sssd is enabled
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
sssd (Ubuntu) |
Fix Released
|
Medium
|
Timo Aaltonen |
Bug Description
Ubuntu 11.10 system. I have sssd set up. Using pam-auth-update I enable both sssd and Unix style authentication. The sssd uses LDAP only for user account lookup. Users defined in sssd can change passwords OK, however, local user accounts cannot, e.g. when logged in as a local user (btmiller):
btmiller@
Current Password:
New Password:
Reenter new Password:
passwd: Authentication token manipulation error
passwd: password unchange
The following appears in /var/log/auth.log:
Mar 16 18:18:05 hostname passwd[20544]: pam_sss(
Mar 16 18:18:10 hostname passwd[20544]: pam_sss(
It looks like PAM has been set up to call pam_sss for ALL password changes, regardless of whether the user is local or has been defined through sss.
Changed in sssd (Ubuntu): | |
status: | Incomplete → New |
Changed in sssd (Ubuntu): | |
assignee: | nobody → Timo Aaltonen (tjaalton) |
importance: | Undecided → Medium |
status: | Incomplete → In Progress |
Bump the priority to, say, 512 in /usr/share/ pam-configs/ sss. Then run 'pam-auth-update'. Does it fix things?