Comment 4 for bug 1532264

Interesting, the pam/pam_fprintd.c file has the following function that would be used for the pam_chauthtok(3) function:

PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc,
                                const char **argv)
{
        return PAM_SUCCESS;
}

If I've read this correctly, this is more than a misconfiguration of a PAM configuration file -- the module was apparently never intended to enforce authentication before updating authentication tokens.

I filed a bug report upstream: https://github.com/dsd/pam_fprint/issues/2

Thanks