I wanted to agree with Ara that this bug IS still a problem on a fully
updated Intrepid system. Not much has been installed. This is
important to us because it is causing problem with some of our sysadmin
scripts that check the exit code of passwd. Here are details - I have
tested this on two
hi,
I've got a simlar problem: I cannot change my password anymore!!
[EMAIL PROTECTED]:~# passwd
passwd: password updated successfully
[EMAIL PROTECTED]:~#
it does not even ask the current passwd. The same happens for the user, except
that it asks for current passwd and when entered it just
pescio, please post the contents of your /etc/pam.d/common-password
config.
--
passwd - passwords do not match but updated successfully
https://bugs.launchpad.net/bugs/272232
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
here it is,
$ cat /etc/pam.d/common-password
#
# /etc/pam.d/common-password - password-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define the services to be
# used to change user
On Thu, Nov 27, 2008 at 07:48:52PM -, pescio wrote:
# here are the per-package modules (the Primary block)
password [success=2 default=ignore] pam_lwidentity.so
password [success=1 default=ignore] pam_unix.so obscure use_authtok
try_first_pass sha512
Ok, that's bug
On Wed, Oct 29, 2008 at 03:02:12AM -, wire_transfer wrote:
$ egrep -v '#|^$' /etc/pam.d/common-password # removing '#' and empty
lines
password [success=1 default=ignore] pam_unix.so obscure sha512
password requisite pam_deny.so
password
I still see this on my updated Intrepid system (dist-upgraded from edgy to
hardy to intrepid), i.e.:
Sorry, passwords do not match
passwd: password updated successfully
Longer session with initial warning for password 'too simple':
ubuntu:~$ passwd
Changing password for sysuser.
(current) UNIX
No luck... Anything else?
[EMAIL PROTECTED]:~$ apt-cache policy libecryptfs0
libecryptfs0:
Installed: 53-1ubuntu10
Candidate: 53-1ubuntu10
Version table:
*** 53-1ubuntu10 0
500 http://es.archive.ubuntu.com intrepid/main Packages
100 /var/lib/dpkg/status
[EMAIL
I cannot reproduce this problem:
[EMAIL PROTECTED]:~$ passwd
Changing password for kirkland.
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:
Sorry, passwords do not match
passwd: Authentication information cannot be recovered
passwd: password unchanged
[EMAIL
Yes it is:
[EMAIL PROTECTED]:~$ sudo apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
[EMAIL PROTECTED]:~$ sudo passwd
Enter new UNIX password:
Retype new UNIX password:
On Tue, Oct 21, 2008 at 01:03:44PM -, Ara Pulido wrote:
No luck... Anything else?
Please post the contents of /etc/pam.d/common-password on this system.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can
# here are the per-package modules (the Primary block)
password[success=1 default=ignore] pam_unix.so obscure sha512
# here's the fallback if no module succeeds
passwordrequisite pam_deny.so
# prime the stack with a positive return value if there isn't
I am not able to reproduce this using sudo passwd or simply passwd
on an up-to-date Intrepid system.
:-Dustin
--
passwd - passwords do not match but updated successfully
https://bugs.launchpad.net/bugs/272232
You received this bug notification because you are a member of Ubuntu
Bugs, which is
This bug was fixed in the package ecryptfs-utils - 53-1ubuntu10
---
ecryptfs-utils (53-1ubuntu10) intrepid; urgency=low
[Dustin Kirkland]
* debian/patches/45-mount_private_counter.dpatch: implement a counter to
track mounts/unmounts of the private directory; unmount if the
Updating this package didn't solve the wrong success problem:
[EMAIL PROTECTED]:~$ apt-cache policy ecryptfs-utils
ecryptfs-utils:
Installed: 53-1ubuntu10
Candidate: 53-1ubuntu10
Version table:
*** 53-1ubuntu10 0
500 http://es.archive.ubuntu.com intrepid/main Packages
100
On Mon, Oct 20, 2008 at 6:28 PM, Ara Pulido [EMAIL PROTECTED] wrote:
Updating this package didn't solve the wrong success problem:
[EMAIL PROTECTED]:~$ apt-cache policy ecryptfs-utils
ecryptfs-utils:
Installed: 53-1ubuntu10
You need to upgrade libecryptfs0 to at least 53-1ubuntu10.
** Changed in: ecryptfs-utils (Ubuntu Intrepid)
Importance: Medium = High
Assignee: (unassigned) = Dustin Kirkland (kirkland)
--
passwd - passwords do not match but updated successfully
https://bugs.launchpad.net/bugs/272232
You received this bug notification because you are a member of
I have updated the patch based on a security review of the code for bug
#283477 by Jamie Strandboge.
The attached patch includes fixes for bug #272232, as well as bug
#283477.
I have uploaded a package for testing in my PPA. I'm satisfied with my
testing of both patches. I will be committing
I have mentioned bug #283477 in error at least 3 times in this bug
report. Too much copy and paste. Sorry.
The attached patch fixes bugs #272232 and bug #259293.
* passwd - passwords do not match but updated successfull
* Ecryptfs Private Directory Randomly Unmounts
:-Dustin
--
passwd -
One more update to the patch. The last uploaded patch dropped the
manpage updates.
This update simply adds those back.
Requesting sponsorship.
:-Dustin
** Attachment added: ecryptfs-utils.272232c.debdiff
http://launchpadlibrarian.net/18696048/ecryptfs-utils.272232c.debdiff
--
passwd -
Sponsored, waiting for release team approval. Thanks, Dustin!
** Changed in: ecryptfs-utils (Ubuntu Intrepid)
Status: In Progress = Fix Committed
--
passwd - passwords do not match but updated successfully
https://bugs.launchpad.net/bugs/272232
You received this bug notification because
Steve-
Your patch fixes at least one of the problems (given two non-matching
passwords).
It still has the same problem if you a) enter an empty password 6 times,
or b) enter a too simple password 6 times in a row.
Per discussion in IRC, I added an additional check to ensure that the
Whoops - tested that patch out, it doesn't work. We need to return an
actual failure here in order to let the stack DTRT, instead of returning
PAM_SUCCESS or PAM_IGNORE. This revision of the patch does that.
It still doesn't work in my tests, though; still trying to sort out why
that is...
**
** Changed in: ecryptfs-utils (Ubuntu Intrepid)
Status: Triaged = In Progress
--
passwd - passwords do not match but updated successfully
https://bugs.launchpad.net/bugs/272232
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
Steve-
Actually, I'm not so sure about pointing the finger entirely at
pam_ecryptfs.
I have an up-to-date Intrepid system here, without ecryptfs at all. I run
passwd and give:
current password: (correct password)
new password 1: foo
new password 2: bar
And it prints:
Sorry, passwords do
Here's an updated patch for the ecryptfs part of this.
As discussed on IRC, fixing this to not give problems on /any/ stack
requires very subtle libpam surgery indeed, not appropriate for
intrepid; but this patch brings pam_ecryptfs in line with what other
modules do, and fixes the problem for
I'm stepping this bug up to critical, and milestoning it against
Intrepid release. I spoke with slangasek and he's going to work on it.
This is currently affecting pam_ecryptfs.
If the user is using an encrypted private directory, and tries to change
their password with passwd, the password
My apologies
Please disregard my last message. This bug is still very important, but
I was completely mistaken.
pam_ecryptfs will NOT re-wrap the passphrase if the operation actually
fails (regardless of the success message). Whew.
I stepped this bug back down to Confirmed/High.
:-Dustin
Not a bug in shadow at all; this is entirely a pam problem, related to
the pam-auth-update changes to the default PAM stack. I'm working
through this today to fix up the stack semantics.
** Changed in: shadow (Ubuntu Intrepid)
Status: New = Invalid
** Changed in: pam (Ubuntu Intrepid)
Aah...
Okay, so I can now characterize the problem better, and how to
reproduce...
On a system using an encrypted private, `mount | grep Private` to check:
1) invoke passwd
2) enter the correct current password
3) enter an invalid new password (such as something too simple) 6 times
** Changed in: pam (Ubuntu Intrepid)
Status: Triaged = In Progress
--
passwd - passwords do not match but updated successfully
https://bugs.launchpad.net/bugs/272232
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs
This bug was fixed in the package pam - 1.0.1-4ubuntu5
---
pam (1.0.1-4ubuntu5) intrepid; urgency=low
* debian/libpam0g.postinst: change 'cupsys' to 'cups' in the list of
default desktop services that are ignored in deciding whether to prompt
for service restarts on
** Also affects: ecryptfs-utils (Ubuntu)
Importance: Undecided
Status: New
--
passwd - passwords do not match but updated successfully
https://bugs.launchpad.net/bugs/272232
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
Having looked at the code, I think the ecryptfs-utils case is an
ecryptfs-utils bug and not a pam bug. The relevant code in pam_ecryptfs
is:
if (!old_passphrase || !new_passphrase) {
syslog(LOG_WARNING, eCryptfs PAM passphrase change module
proposed patch for ecryptfs-utils; Dustin, please review.
** Attachment added: ecryptfs-utils-272232.debdiff
http://launchpadlibrarian.net/18597858/ecryptfs-utils-272232.debdiff
--
passwd - passwords do not match but updated successfully
https://bugs.launchpad.net/bugs/272232
You received
That seems to have fixed it. I changed that entry in /etc/pam.d/common-
password like this:
#password [success=1 default=ignore] pam_unix.so obscure sha512
passwordrequiredpam_unix.so obscure sha512
And now it throws out a better error message for
I cannot reproduce it here (on Debian).
Can you provide your /etc/pam.d/passwd ?
(and files included from there)
--
passwd - passwords do not match but updated successfully
https://bugs.launchpad.net/bugs/272232
You received this bug notification because you are a member of Ubuntu
Bugs, which
[EMAIL PROTECTED]:/$ ls -l /etc/pam.d/
total 80
-rw-r--r-- 1 root root 182 2008-07-10 10:01 atd
-rw-r--r-- 1 root root 384 2008-06-09 13:02 chfn
-rw-r--r-- 1 root root 581 2008-06-09 13:02 chsh
-rw-r--r-- 1 root root 1186 2008-09-18 12:18 common-account
-rw-r--r-- 1 root root 1221 2008-09-18
Thanks.
And what about the content of /etc/pam.d/common-password ?
Did you make any change to PAM configuration?
--
passwd - passwords do not match but updated successfully
https://bugs.launchpad.net/bugs/272232
You received this bug notification because you are a member of Ubuntu
Bugs, which
I haven't made any changes after installing the Alpha6 besides running
the Update Manager and installing Samba. Here's the contents of common-
password:
[EMAIL PROTECTED]:/$ cat /etc/pam.d/common-password
#
# /etc/pam.d/common-password - password-related modules common to all services
#
# This
Reproducible on Intrepid.
** Changed in: shadow (Ubuntu)
Status: New = Confirmed
--
passwd - passwords do not match but updated successfully
https://bugs.launchpad.net/bugs/272232
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
This looks like a PAM configuration bug.
When pam_unix fails, the error is (willingly) ignored.
One temporary solution to fix this could be to change the line:
password [success=1 default=ignore] pam_unix.so obscure sha512
to
password required pam_unix.so obscure sha512
** Changed in:
42 matches
Mail list logo
