[Pkg-shadow-devel] Why does chage change root password after
requesting password aging parameters?
Nicolas François
nicolas.francois at centraliens.net
Sat Aug 27 20:58:18 UTC 2005
Hi,
I'm slowly reading my mails.
Some of the problems encountered recently with the new experimental package
are due to the 404 patch being commented out.
E.g., when we use useradd, the root password is changed instead of the new
user's password.
I guess Tomasz is not affected by this.
Tomasz, can you confirm?
IIRC, the issue in debian was triggered by a call to pam_chauthtok, which
changed the authentication token not for the user, but for root.
I did not checked for chage, but this is probably the same reason.
This may be due to a PAM configuration (we should check all /etc/pam.d/
files) or PAM version.
The 404 patch should be reactivated for the moment (until we sort out
where this comes from).
The reasons this patch was kept are:
* the above reason (also discussed with Alexander on IRC)
* the risk that useradd do not change the /etc/{passwd,shadow} files, but
the databases specified in PAM (e.g. an LDAP database).
Thus useradd would not remain a low-level utility, which can affect
adduser.
IMHO, this is just a Debian issue.
--
Nekral
More information about the Pkg-shadow-devel
mailing list