Confirming...
Once likewise-open is installed (whether a domain is joined or not), running
"passwd" to change a local password fails: it never prompts for a new password.
(Changing a domain password works.)
It also always returns "passwd: password updated successfully"
I suppose there is something wrong in the PAM stack:
password [success=2 default=ignore] pam_lwidentity.so
password [success=1 default=ignore] pam_unix.so obscure use_authtok
try_first_pass sha512
password requisite pam_deny.so
password required pam_permit.so
use_authtok forces pam_unix.so use the password entered for
pam_lwidentity.so... but if the user is not in the domain there is no
such token. There is little to gain in reusing passwords between
pam_lwidentity.so and pam_unix.so, since they aren't targeting the same
users...
As a dirty workaround "use_authtok" can be removed from
/etc/pam.d/common-password:
password [success=1 default=ignore] pam_unix.so obscure use_authtok
try_first_pass sha512
(that change will be overridden next time pam-auth-update is run)
** Changed in: likewise-open (Ubuntu)
Status: New => Confirmed
--
likewise-open prevents local passwords from being changed
https://bugs.launchpad.net/bugs/302026
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to likewise-open in ubuntu.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
