Bug#321384: [Pkg-shadow-devel] Bug#321384: su refuses to change an
expired password for root
Alexander Gattin
arg at online.com.ua
Sat Aug 6 12:36:37 UTC 2005
Hi!
On Sat, Aug 06, 2005 at 01:05:50AM +0200, Nicolas François wrote:
> It performs an pam_chauthok when pam_acct_mgmt returns an
> PAM_CHANGE_EXPIRED_AUTHOK.
Sorry, here you have a typo:
> if (amroot) {
> fprintf (stderr, _("%s: %s\n(Ignored)\n"), Prog,
> pam_strerror (pamh, ret));
> + } if (ret == PAM_NEW_AUTHTOK_REQD) {
> + ret = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
it should be:
> if (amroot) {
> fprintf (stderr, _("%s: %s\n(Ignored)\n"), Prog,
> pam_strerror (pamh, ret));
> + } else if (ret == PAM_NEW_AUTHTOK_REQD) {
> + ret = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
> + if (ret != PAM_SUCCESS) {
> + SYSLOG ((LOG_ERR, "pam_chauthtok: %s",
> + pam_strerror (pamh, ret)));
> + fprintf (stderr, _("%s: %s\n"), Prog,
> + pam_strerror (pamh, ret));
> + pam_end (pamh, ret);
> + su_failure (tty);
> + }
> } else {
> SYSLOG ((LOG_ERR, "pam_acct_mgmt: %s",
> pam_strerror (pamh, ret)));
P.S. I think the fix is definitely applicable to Sarge
and we should have a Sarge version of the patch,
although not applied yet...
--
WBR,
xrgtn
More information about the Pkg-shadow-devel
mailing list