Bug#1017467: Acknowledgement (libpam-systemd: upgrade broke unix_chkpwd fallback for root user)
Christian Göttsche
cgzones at googlemail.com
Tue Aug 16 19:03:59 BST 2022
control: reassign -1 pam 1.4.0-13
control: user selinux-devel at lists.alioth.debian.org
control: usertags selinux
The nsswitch.conf setting `shadow files systemd` was added with
libnss-systemd 251.3-2[1].
The files database will return UNAVAIL, since the access to
/etc/shadow is not granted, and thus glibc tries the next entry
(systemd), which returns NOTFOUND.
pam_unix only sees the result of the last operation, NOTFOUND, but
only tries the unix_chkpwd fallback on UNAVAIL.
This is fixed upstream with commits [2] and [3].
[1]: https://salsa.debian.org/systemd-team/systemd/-/commit/bf9a307cfcbe62ab4fbcf2198e6e628a1bca211b
[2]: https://github.com/linux-pam/linux-pam/commit/f220cace205332a3dc34e7b37a85e7627e097e7d
[3]: https://github.com/linux-pam/linux-pam/commit/470823c4aacef5cb3b1180be6ed70846b61a3752
More information about the Pkg-systemd-maintainers
mailing list