| 2008-03-19 12:21:33 |
Alexander Sack |
bug |
|
|
added bug |
| 2008-03-19 12:22:50 |
Alexander Sack |
shadow: importance |
Undecided |
Medium |
|
| 2008-03-19 12:22:50 |
Alexander Sack |
shadow: status |
New |
Confirmed |
|
| 2008-03-19 12:22:50 |
Alexander Sack |
shadow: milestone |
|
ubuntu-8.04 |
|
| 2008-03-19 12:23:20 |
Alexander Sack |
description |
steps to reproduce in hardy beta (preview):
1. setup NEWUSER by hand in /etc/passwd and if applicable add a new group in /etc/group
2. run passwd NEWUSER
expected behavior
============
passwd will ask you for a new password
actual result
========
it refuses to set the password. the message on the console is:
$ sudo passwd asac
passwd: Authentication service cannot retrieve authentication info
passwd: password unchanged
workaround
========
duplicate some random user in /etc/shadow and rename its userid to NEWUSER; after that passwd will ask for a new password and set it accordingly. |
steps to reproduce in hardy beta (preview):
1. setup NEWUSER by hand in /etc/passwd and if applicable add a new group in /etc/group
2. run passwd NEWUSER
expected behavior
============
passwd will ask you for a new password
actual result
========
it refuses to set the password. the message on the console is:
$ sudo passwd NEWUSER
passwd: Authentication service cannot retrieve authentication info
passwd: password unchanged
workaround
========
duplicate some random user in /etc/shadow and rename its userid to NEWUSER; after that passwd will ask for a new password and set it accordingly. |
|
| 2008-04-02 06:10:54 |
Colin Watson |
shadow: status |
Confirmed |
Incomplete |
|
| 2008-04-09 09:39:26 |
Steve Langasek |
shadow: milestone |
ubuntu-8.04 |
|
|
| 2008-07-21 01:10:01 |
Jonathan Thomas |
shadow: status |
Incomplete |
Invalid |
|
| 2008-10-23 15:50:47 |
Tomas Pospisek |
shadow: status |
Invalid |
New |
|
| 2008-10-23 15:50:47 |
Tomas Pospisek |
shadow: statusexplanation |
We are closing this bug report because it lacks the information we need to investigate the problem, as described in the previous comments. Please reopen it if you can give us the missing information, and don't hesitate to submit bug reports in the future. To reopen the bug report you can click on the current status, under the Status column, and change the Status back to "New". Thanks again! |
Steve Langasek wrote on 2008-03-26:
> What is the value of the password field within /etc/passwd? A value of "x" tells pam_unix that it should look in
> /etc/shadow; I don't think this is a regression.
In my case there indeed was an 'x'. But the user was missing in /etc/shadow.
I guess the error reply from pam_unix is too hard to parse for mortal humans. I myself did not understand where the problem was, when I read the error message.
The problem in my case was that I was renaming a user manually and forgot to change it correctly in /etc/shadow. Thus there was a user entry in /etc/passwd but not in /etc/shadow.
I'd expect pam_unix to tell me: "There's no user $USER in /etc/shadow"
I'd say this report is rather a request for improvement of the error reporting by pam_unix. |
|
| 2008-10-27 06:28:55 |
Steve Langasek |
shadow: status |
New |
Confirmed |
|
| 2008-10-27 06:28:55 |
Steve Langasek |
shadow: title |
Bug #203881 in shadow (Ubuntu): "passwd refuses to set password for users without entry in /etc/shadow" |
Bug #203881 in pam (Ubuntu): "passwd refuses to set password for users without entry in /etc/shadow" |
|
| 2008-10-27 06:28:55 |
Steve Langasek |
shadow: importance |
Medium |
Wishlist |
|
| 2008-10-27 06:28:55 |
Steve Langasek |
shadow: bugtargetname |
shadow (Ubuntu) |
pam (Ubuntu) |
|
| 2008-10-27 06:28:55 |
Steve Langasek |
shadow: statusexplanation |
Steve Langasek wrote on 2008-03-26:
> What is the value of the password field within /etc/passwd? A value of "x" tells pam_unix that it should look in
> /etc/shadow; I don't think this is a regression.
In my case there indeed was an 'x'. But the user was missing in /etc/shadow.
I guess the error reply from pam_unix is too hard to parse for mortal humans. I myself did not understand where the problem was, when I read the error message.
The problem in my case was that I was renaming a user manually and forgot to change it correctly in /etc/shadow. Thus there was a user entry in /etc/passwd but not in /etc/shadow.
I'd expect pam_unix to tell me: "There's no user $USER in /etc/shadow"
I'd say this report is rather a request for improvement of the error reporting by pam_unix. |
I think I disagree that pam_unix bears responsibility for providing more detailed error messages, I think it's preferable that PAM modules communicate primarily via the error codes since that's all the user will ever see with some applications. But it's a valid request anyway, so reassigning to pam and leaving it open for further consideration. |
|
| 2008-10-27 06:28:55 |
Steve Langasek |
shadow: bugtargetdisplayname |
shadow (Ubuntu) |
pam (Ubuntu) |
|
