[5875] in bugtraq
Re: Oddities in RH 5.0
daemon@ATHENA.MIT.EDU (Frank Sweetser)
Sun Dec 28 15:06:05 1997
Date: Sun, 28 Dec 1997 14:31:09 -0500
Reply-To: Frank Sweetser <rasmusin@WPI.EDU>
From: Frank Sweetser <rasmusin@WPI.EDU>
X-To: Tres Melton <tres@chaffee.net>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.3.93.971228055228.2049Y-100000@castle.chaffee.net>
==> Regarding Oddities in RH 5.0; Tres Melton <tres@chaffee.net> adds:
tres> Please forgive me if this post is not appropriate for either of these
tres> two groups since I just joined redhat-list and this is my first post
tres> to either redhat or bugtraq (except for a previous plea for help that
tres> Aleph One answered on BUGTRAQ).
tres> I have Redhat 5.0 (that came with an Applixware update) and have
tres> installed it on my system. I have run pwconv to change to shadowed
tres> passwords. This is an extremly limited installation (nothing checked
tres> on the install options). I have then added only certain packages
tres> (some binary and some source). I have installed the shadow-utils and
tres> passwd SRPMS as well.
tres> If I run "useradd -p pass1 test1" I get the oddest thing in
tres> /etc/shadow:
tres> test1:pass1:10223:0:99999:7:::
This does look like a bug. Try reporting it to bugs@redhat.com and
hurricane-list@redhat.com, that's where such reports should go.
tres> /etc/shadow: test2:!:10223:0:99999:7::: /etc/passwd:
tres> test2:x:502:502::/home/test:/bin/bash
tres> looks cool so far right? Now run "passwd test2" and set the
tres> password. Now the entries read like so:
tres> /etc/shadow: test2:!:10223:0:99999:7::: /etc/passwd:
tres> test2:R0KYaK5ivSnk6:501:501::/home/test2:/bin/bash
tres> Seems to me like it updated the wrong file.
You need to add the shadow argument to the pam_pwdb.so line in
/etc/pam.d/passwd, so it looks something like this:
auth required /lib/security/pam_pwdb.so shadow nullok
account required /lib/security/pam_pwdb.so
password required /lib/security/pam_cracklib.so retry=3
password required /lib/security/pam_pwdb.so shadow use_authtok nullok
--
Frank Sweetser rasmusin at wpi.edu fsweetser at blee.net | PGP key available
paramount.res.wpi.net RedHat 5.0 Linux 2.0.33 i586 | at public servers
Coach: Can I draw you a beer, Norm?
Norm: No, I know what they look like. Just pour me one.
-- Cheers, No Help Wanted
