Bug#407497: [Pkg-shadow-devel] Bug#407497: passwd: chsh,
chfn prompt root for the password (breaking .postinst scripts)
Christian Perrier
bubulle at debian.org
Fri Jan 19 07:03:08 CET 2007
tags 407497 unreproducible
thanks
Quoting Jan Braun (janbraun at gmx.net):
> Package: passwd
> Version: 1:4.0.18.1-6
> Severity: normal
>
> Hi,
> I had upgrades of logcheck and sash fail because they use chfn and chsh
> (respectively) in their postinst script, and these ask for a password
> even when invoked by root.
> This causes a hang since the postinst script doesn't seem to be in
> control of the terminal, and I can't enter anything at all; the only
> way out is killing chsh/chfn from another console. But even without
> that, I'd probably confused by a Password: prompt expecting a root
> password in the middle of a "sudo aptitude upgrade" run.
Could you send your /etc/pam.d/chsh and /etc/pam.d/chfn files?
It's pretty likely that you're missing the following in these:
# This allows root to change user shell without being
# prompted for a password
auth sufficient pam_rootok.so
On my system, using the default provided PAM config files:
root at mykerinos:~> chsh --shell /bin/sh spongebob
root at mykerinos:~>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20070119/a5f5588f/attachment.pgp
More information about the Pkg-shadow-devel
mailing list