LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-08-2008, 07:41 AM   #1
ajeetraina
Member
 
Registered: Jun 2007
Location: India
Distribution: Ubuntu,Red Hat, Fedora
Posts: 292

Rep: Reputation: 30
Unable to Change password Even as root??


I have RHEL machine in which I am able to login as root but when I tried changing password as :
Code:
[root@pe ~]# passwd root
Changing password for user root.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: Authentication token manipulation error
Why its reacting So??
 
Old 05-08-2008, 07:59 AM   #2
pixellany
LQ Veteran
 
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Arch/XFCE
Posts: 17,802

Rep: Reputation: 738Reputation: 738Reputation: 738Reputation: 738Reputation: 738Reputation: 738Reputation: 738
Is it possible that the second entry did not match the first?
Did you try it again?
Did you try a different password?
 
Old 05-08-2008, 08:00 AM   #3
blacky_5251
Member
 
Registered: Oct 2004
Location: Adelaide Hills, South Australia
Distribution: RHEL 5&6 CentOS 5, 6 & 7
Posts: 572

Rep: Reputation: 56
Check the ownership and permissions for /etc/passwd. The file should be:-
Code:
-rw-r--r--  1 root root 2767 Nov  7  2007 /etc/passwd
(ignoring the date and size of course)
 
Old 05-08-2008, 08:25 AM   #4
ajeetraina
Member
 
Registered: Jun 2007
Location: India
Distribution: Ubuntu,Red Hat, Fedora
Posts: 292

Original Poster
Rep: Reputation: 30
Pixellany,

I am entering the right password as confirmation.

But I am amazed.
When I ran:
[root@pe ~]# passwd root
Changing password for user root.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@pe ~]#

All I am entering password right way and it is accepting it too.But when I am trying to login in new window it is not taking the new password but accepting the last password.

Horrible????
Blacky..

The output is :
[root@pe ~]# ls -la /etc/passwd
-rw-r--r-- 1 root root 2956 Feb 11 11:05 /etc/passwd
[root@pe ~]#

Any idea?

Last edited by ajeetraina; 05-08-2008 at 08:27 AM.
 
Old 05-08-2008, 08:26 AM   #5
blacky_5251
Member
 
Registered: Oct 2004
Location: Adelaide Hills, South Australia
Distribution: RHEL 5&6 CentOS 5, 6 & 7
Posts: 572

Rep: Reputation: 56
Check the permissions and ownership of /etc/shadow as well.
 
Old 05-08-2008, 08:28 AM   #6
pixellany
LQ Veteran
 
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Arch/XFCE
Posts: 17,802

Rep: Reputation: 738Reputation: 738Reputation: 738Reputation: 738Reputation: 738Reputation: 738Reputation: 738
Did you try a different password?

Can you assign that same password to another user?
 
Old 05-08-2008, 08:50 AM   #7
vadkutya
Member
 
Registered: Apr 2008
Distribution: slackware 10.2
Posts: 117

Rep: Reputation: 16
i assume that you are using shadowed password files. this error occures when the user of which you are trying to change the password is existing /etc/passwd but not in /etc/shadow.

you have to add the user manually to /etc/shadow or update the shadow file with "pwconv"

also make sure you typed your current password correctly (if your passwd is too short you will see an entry in /etc/shadow but without any password).

vadkutya

Last edited by vadkutya; 05-08-2008 at 09:11 AM.
 
Old 05-09-2008, 12:43 AM   #8
ajeetraina
Member
 
Registered: Jun 2007
Location: India
Distribution: Ubuntu,Red Hat, Fedora
Posts: 292

Original Poster
Rep: Reputation: 30
Blacky,

My /etc/shadow file says:

# ls -la /etc/shadow
-rw------- 1 root root 1694 Feb 11 11:03 /etc/shadow
[root@pe ~]#

Vadkutya,

The root entry is there in /etc/shadow file.

Lemme inform you this is Xen Server ....Any hint from this?

Last edited by ajeetraina; 05-09-2008 at 12:54 AM.
 
Old 05-09-2008, 12:53 AM   #9
blacky_5251
Member
 
Registered: Oct 2004
Location: Adelaide Hills, South Australia
Distribution: RHEL 5&6 CentOS 5, 6 & 7
Posts: 572

Rep: Reputation: 56
Run "lsattr /etc/shadow /etc/passwd". Results should be:-
Code:
# lsattr /etc/passwd /etc/shadow
------------- /etc/passwd
------------- /etc/shadow
If you don't get this, use "chattr -<letter> filename" where you replace <letter> with the attribute(s) that are turned on.

Did you try pwconv?

EDIT - Just noticed a glaring error. /etc/shadow should not be writable - permissions should be as follows:-
Code:
# ll /etc/passwd /etc/shadow
-rw-r--r-- 1 root root 2563 Apr 23 18:58 /etc/passwd
-r-------- 1 root root 1717 Apr 23 18:58 /etc/shadow

Last edited by blacky_5251; 05-09-2008 at 12:54 AM.
 
Old 05-09-2008, 03:02 AM   #10
ajeetraina
Member
 
Registered: Jun 2007
Location: India
Distribution: Ubuntu,Red Hat, Fedora
Posts: 292

Original Poster
Rep: Reputation: 30
Its the same:

[root@pe ~]# lsattr /etc/passwd /etc/shadow
------------- /etc/passwd
------------- /etc/shadow
[root@pe ~]# ls -la /etc/shadow
-rw-r--r-- 1 root root 1694 Feb 11 11:03 /etc/shadow
[root@pe ~]# chmod 600 /etc/shadow
[root@pe ~]# ls -la /etc/shadow
-rw------- 1 root root 1694 Feb 11 11:03 /etc/shadow
[root@pe ~]#


I only tried to change the /etc/shadow earlier? Now changed back it to original state.

Any idea what gonna we do next for the issue??

Still In doubt??
 
Old 05-09-2008, 03:34 AM   #11
blacky_5251
Member
 
Registered: Oct 2004
Location: Adelaide Hills, South Australia
Distribution: RHEL 5&6 CentOS 5, 6 & 7
Posts: 572

Rep: Reputation: 56
Quote:
[root@pe ~]# chmod 600 /etc/shadow
[root@pe ~]# ls -la /etc/shadow
-rw------- 1 root root 1694 Feb 11 11:03 /etc/shadow
[root@pe ~]#
Not quite what I meant. Try "chmod 400 /etc/shadow" and see how you get on. Permissions for /etc/shadow should be read only, not read write.
 
Old 05-09-2008, 06:34 AM   #12
vadkutya
Member
 
Registered: Apr 2008
Distribution: slackware 10.2
Posts: 117

Rep: Reputation: 16
hey ajeetraina,

maybe this could be helpful http://jmatrix.net/dao/case/case.jsp...016D6F8AAA-17C

in short: "The key here is that older versions of passwd did not ask for confirmation of the current password. If they did, and the user entered an incorrect password, passwd told you as much. With pam - rather than telling you your current password is incorrect, it errors saying "Authentication token manipulation error"."

similar: http://forums12.itrc.hp.com/service/...readId=1014718 (scroll down )

if this does not help. backup /etc/shadow and /etc/group and rebuild them with pwconv and grpconv. if there's no problem with either "typing" or "/etc/shadow, /etc/passwd" then see the logs after you just tried to change the password. also, give an output of /etc/pam.d/system-auth

vadkutya

Last edited by vadkutya; 05-09-2008 at 06:58 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
how to change root password without knowing the grub password ramesh.mimit Red Hat 8 10-15-2011 06:12 AM
How could normal user obtain root password or change root password ckamheng Debian 18 02-18-2009 11:28 PM
Unable to change password sunhui Linux - Software 3 10-04-2006 01:19 PM
change Root Password even if the password in the grub is also set sheelnidhi Linux - General 6 08-30-2006 08:27 AM


All times are GMT -5. The time now is 08:06 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration