[Bug 695] Cannot change password in PAM NIS+ environment
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Mon Sep 22 02:54:42 EST 2003
http://bugzilla.mindrot.org/show_bug.cgi?id=695
Summary: Cannot change password in PAM NIS+ environment
Product: Portable OpenSSH
Version: 3.7.1p1
Platform: UltraSparc
OS/Version: Solaris
Status: NEW
Severity: major
Priority: P2
Component: PAM support
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: paul.a.bolton at bt.com
When their password expires, NIS+ users are prompted to change their password.
Upon entering the correct creds the session terminates and the password is not
changed. Typically a "Permission denied" or "NIS+ system error" is generated.
Either normal "telnet" connections or password resets by administrators are
required in order to allow the user to log in successfully.
In session.c do_pam_chauthtok() is a) called before do_pam_setcred(), and b)
do_pam_chauthtok() does not set the real UID to the target user. (effective
stays as UID=0).
If these changes are made, the credential update works for both NIS+ and local
accounts.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list