[Bug 14] Can't change expired /etc/shadow password without PAM
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Sat Jan 11 10:06:17 EST 2003
http://bugzilla.mindrot.org/show_bug.cgi?id=14
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #200 is|0 |1
obsolete| |
------- Additional Comments From dtucker at zip.com.au 2003-01-11 10:06 -------
Created an attachment (id=201)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=201&action=view)
passexpire12: password expiry via /bin/passwd in session
Now (correctly I hope!) checks that the password is changed successfully.
Adds is_password_change_required() and privsep wrapper. This re-tests the
account and resets the change flag. This is necessary because passwd sometimes
does not return a failure exit code (eg AIX in the "your password has been
expired too long and only the admin can change it" case).
Tested on AIX 4.3.3, Solaris 8 and Redhat 8. Should work on any platform with
/etc/shadow and any version of AIX 4 (unsure about previous versions).
The equivalent patch against the 3.5p1 release is at
http://www.zip.com.au/~dtucker/openssh/openssh-3.5p1-passexpire12.patch.
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the openssh-unix-dev
mailing list