PAM bug in ckpasswd?

Martin Tessarek mt at
Mon Mar 2 10:07:53 UTC 2009


I think I came across a bug in ckpasswd regarding PAM.
ckpasswd can't check the user auth via PAM if not run by the user in  
question or root...
When nnrpd is run as user news (uid 9 on debian), the user auth fails  
if ckpasswd has no read access to shadow...

su -c "./ckpasswd -u username -p password" news

ckpasswd: pam_unix(nnrpd:auth): authentication failure; logname= uid=9  
euid=9 tty= ruser= rhost=  user=username

su -c "./ckpasswd -u username -p password" username

su -c "./ckpasswd -u username -p password" root

/etc/pam.d/nnrpd should be ok:
@include common-auth
@include common-account


More information about the inn-bugs mailing list