PAM bug in ckpasswd?
Martin Tessarek
mt at nef.wh.uni-dortmund.de
Mon Mar 2 10:07:53 UTC 2009
Hi,
I think I came across a bug in ckpasswd regarding PAM.
ckpasswd can't check the user auth via PAM if not run by the user in
question or root...
When nnrpd is run as user news (uid 9 on debian), the user auth fails
if ckpasswd has no read access to shadow...
su -c "./ckpasswd -u username -p password" news
ckpasswd: pam_unix(nnrpd:auth): authentication failure; logname= uid=9
euid=9 tty= ruser= rhost= user=username
su -c "./ckpasswd -u username -p password" username
User:username
su -c "./ckpasswd -u username -p password" root
User:username
/etc/pam.d/nnrpd should be ok:
@include common-auth
@include common-account
Greetings,
Martin
More information about the inn-bugs
mailing list