[27396] in Athena Bugs
Re: Debathena: passwd
daemon@ATHENA.MIT.EDU (Evan Broder)
Thu Dec 3 10:08:21 2009
MIME-Version: 1.0
In-Reply-To: <200912031358.nB3Dwtv9007049@byte-me.mit.edu>
Date: Thu, 3 Dec 2009 10:08:04 -0500
Message-ID: <2706d8dd0912030708s339cd767if6ecaa321f885c34@mail.gmail.com>
From: Evan Broder <broder@mit.edu>
To: Mitchell E Berger <mitchb@mit.edu>
Content-Type: text/plain; charset=ISO-8859-1
X-Spam-Flag: NO
X-Spam-Score: 0.00
Content-Transfer-Encoding: 8bit
Cc: bugs@mit.edu, boojum@mit.edu
Errors-To: bugs-bounces@mit.edu
Interesting. In that case, it seems likely to be a bug in
pam_auth_krb5. My hunch is to blame this diff hunk from around line
250 of api-password.c:
done:
+ if (pamret != PAM_SUCCESS) {
+ if (pamret == PAM_SERVICE_ERR || pamret == PAM_AUTH_ERR)
+ pamret = PAM_AUTHTOK_ERR;
+ if (pamret == PAM_AUTHINFO_UNAVAIL)
+ pamret = PAM_AUTHTOK_ERR;
+ }
EXIT(args, pamret);
if (pass != NULL) {
memset(pass, 0, strlen(pass));
But I don't actually know. Filing an LP bug would probably be more
productive than me skimming diffs, although I will note that people
really don't care about Intrepid anymore.
- Evan
On Thu, Dec 3, 2009 at 8:58 AM, Mitchell E Berger <mitchb@mit.edu> wrote:
> I can, however, reproduce it on another Intrepid machine:
>
> zygorthian-space-raiders:~> passwd
> Current Kerberos password:
> Enter new Kerberos password:
> Retype new Kerberos password:
> Passwords don't match
> passwd: password updated successfully
> zygorthian-space-raiders:~>
>
> So, it's not Laura's account, and it's not Laura's machine.
>
> Mitch
>
>> Interesting. I was unable to reproduce this on a Debathena Jaunty machine:
>>
>> kid-icarus:~ broder$ passwd
>> Current Kerberos password:
>> Enter new Kerberos password:
>> Retype new Kerberos password:
>> Passwords don't match
>> passwd: Authentication token manipulation error
>> passwd: password unchanged
>>
>> Although it looks like dale is running Debathena Intrepid (8.10), the
>> PAM configuration should be identical between those two versions, so
>> I'm not sure what the difference there would be.
>>
>> - Evan
>>
>> On Wed, Dec 2, 2009 at 11:10 AM, <boojum@mit.edu> wrote:
>> > System name: DALE
>> > Type: i686
>> > Display type: Intel Corporation 82915G/GV/910GL Integrated Graphics Co
>> ntroller (rev 04)
>> >
>> > Shell: /bin/athena/tcsh (?)
>> > Window manager: unknown
>> >
>> > What were you trying to do?
>> > Change my password using "passwd"
>> >
>> > What's wrong:
>> > If I type mismatched passwords, it tells me:
>> >
>> > Passwords don't match
>> > passwd: password updated successfully
>> >
>> > (It does not, in fact, update my password).
>> >
>> > What should have happened:
>> >
>> > It shouldn't say "password updated successfully".
>> >
>> >
>>
>