[SOLVED] [BLFS7.5]passwd - Permission Denied

kamils096 · 06-08-2014, 07:58 AM

Hello again, i have a little problem again. I install Linux-PAM and reinstall Shadow and i copied configuration from book. Everything is fine, but i have a problem - i can't use passwd. When i try to use passwd(even if i'm root) i get a message:

Code:

passwd: Premission denied
passwd: password unchanged

I can't change root password and other users password. When i login to another user, and try to change own passwod i get same error. I suspect LinuxPAM or Shadow configuration, because before everything was fine. How i can solve this problem?

corbis_demon · 06-08-2014, 10:16 AM

Can you go to a virtual console (tty1...) and log in from there?

kamils096 · 06-10-2014, 01:14 PM

Yes, i can login without problems, but i can't use passwd.

ReaperX7 · 06-10-2014, 03:14 PM

1. When you re-installed shadow did you use the LFS instructions or the BLFS extended instructions that include the PAM configuration?

2. Did you install cracklib prior to installing PAM?

To be honest, I rarely touch PAM in my builds due to the fact that if it screws up, you can get locked out rather easily, even from root.

My questions, why are you installing PAM? How will PAM meet your needs? What are the goals you seek to accomplish with PAM in the long term?

kamils096 · 06-11-2014, 05:50 AM

I compile LinuxPAM(i haven't cracklib) and i recompile Shadow. I copy configuration from book(of course i include PAM in configuration), everything is ok, so this is problem with /etc/pam.d/passwd file.

corbis_demon · 06-12-2014, 12:26 AM

Are you using the sample configs from the BLFS "Shadow-4.1.5.1" package?

kamils096 · 06-12-2014, 03:30 AM

Yes, i use sample configuration, i check configuration again, but i'm sure it's ok.

ReaperX7 · 06-12-2014, 03:48 AM

Since you didn't use cracklib, is this your /etc/pam.d/passwd file?

Code:

cat > /etc/pam.d/passwd << "EOF"
# Begin /etc/pam.d/passwd

password  include     system-password

# End /etc/pam.d/passwd
EOF

Do note that the BLFS book has this also for system-password...

Without Cracklib

Code:

cat > /etc/pam.d/system-password << "EOF"
# Begin /etc/pam.d/system-password

# use sha512 hash for encryption, use shadow, and try to use any previously
# defined authentication token (chosen password) set by any prior module
password  required    pam_unix.so       sha512 shadow try_first_pass

# End /etc/pam.d/system-password
EOF

With Cracklib

Code:

cat > /etc/pam.d/system-password << "EOF"
# Begin /etc/pam.d/system-password

# check new passwords for strength (man pam_cracklib)
password  required    pam_cracklib.so   type=Linux retry=3 difok=5 \
                                        difignore=23 minlen=9 dcredit=1 \
                                        ucredit=1 lcredit=1 ocredit=1 \
                                        dictpath=/lib/cracklib/pw_dict
# use sha512 hash for encryption, use shadow, and use the
# authentication token (chosen password) set by pam_cracklib
# above (or any previous modules)
password  required    pam_unix.so       sha512 shadow use_authtok

# End /etc/pam.d/system-password
EOF

If you set the wrong one it may have locked you out.

kamils096 · 06-17-2014, 11:58 AM

Well, problem is solved, i have wrong name of system-password file. Very thanks for help.