You have been subscribed to a public bug by Marc Deslauriers (mdeslaur): Binary package hint: samba
At all! This seems to be related to https://bugs.launchpad.net/ubuntu/+source/samba/+bug/570944/comments/10 Since this is the PAM configuration for winbind straight out of the box I think it should work! Removing the use_authtok does seem to get things unstuck. Ultimately means all users get locked out of their accounts because the password expires and it cannot be reset. So, it is pretty serious. $ passwd Changing password for utest (current) NT password: passwd: Authentication token manipulation error passwd: password unchanged Nov 25 14:28:51 jggl passwd[7456]: pam_unix(passwd:chauthtok): user "utest" does not exist in /etc/passwd Nov 25 14:28:51 jggl passwd[7456]: pam_winbind(passwd:chauthtok): [pamh: 0xcfdad0] ENTER: pam_sm_chauthtok (flags: 0x4000) Nov 25 14:28:51 jggl passwd[7456]: pam_winbind(passwd:chauthtok): username [utest] obtained Nov 25 14:28:51 jggl passwd[7456]: pam_winbind(passwd:chauthtok): getting password (0x0000002b) Nov 25 14:28:53 jggl passwd[7456]: pam_winbind(passwd:chauthtok): request wbcLogonUser succeeded Nov 25 14:28:53 jggl passwd[7456]: pam_winbind(passwd:chauthtok): user 'utest' granted access Nov 25 14:28:53 jggl passwd[7456]: pam_winbind(passwd:chauthtok): [pamh: 0xcfdad0] LEAVE: pam_sm_chauthtok returning 0 (PAM_SUCCESS) Nov 25 14:28:53 jggl passwd[7456]: pam_unix(passwd:chauthtok): user "utest" does not exist in /etc/passwd Nov 25 14:28:53 jggl passwd[7456]: pam_winbind(passwd:chauthtok): [pamh: 0xcfdad0] ENTER: pam_sm_chauthtok (flags: 0x2000) Nov 25 14:28:53 jggl passwd[7456]: pam_winbind(passwd:chauthtok): username [utest] obtained Nov 25 14:28:53 jggl passwd[7456]: pam_winbind(passwd:chauthtok): getting password (0x00000013) Nov 25 14:28:53 jggl passwd[7456]: pam_winbind(passwd:chauthtok): password - new password not obtained Nov 25 14:28:53 jggl passwd[7456]: pam_winbind(passwd:chauthtok): [pamh: 0xcfdad0] LEAVE: pam_sm_chauthtok returning 21 (PAM_AUTHTOK_RECOVER_ERR) /etc/pam.d/common-passwd # here are the per-package modules (the "Primary" block) password [success=2 default=ignore] pam_unix.so obscure sha512 password [success=1 default=ignore] pam_winbind.so use_authtok try_first_pass # here's the fallback if no module succeeds password requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around password required pam_permit.so # and here are more per-package modules (the "Additional" block) password optional pam_gnome_keyring.so # end of pam-auth-update config ProblemType: Bug DistroRelease: Ubuntu 10.10 Package: winbind 2:3.5.4~dfsg-1ubuntu8 ProcVersionSignature: Ubuntu 2.6.35-22.35-generic 2.6.35.4 Uname: Linux 2.6.35-22-generic x86_64 Architecture: amd64 Date: Thu Nov 25 14:19:48 2010 InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Release amd64 (20101007) ProcEnviron: PATH=(custom, no user) LANG=C SHELL=/bin/bash SambaClientRegression: No SourcePackage: samba ** Affects: samba (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug maverick -- passwd doesn't work with pam_winbind https://bugs.launchpad.net/bugs/681598 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
