passwd: User not known to the underlying authentication module

ar1 · 02-16-2004, 01:31 PM

Hi
I can't change my password in Mandrake 9.2, for any user. Actually, neither root nor the other user has a passowrd at all, I can do su root without giving a password! It gives the following error if I try to change the passwd:

[root@localhost /]# passwd
Changing password for user root.
New UNIX password:
Retype new UNIX password:
passwd: User not known to the underlying authentication module

ugenn · 02-16-2004, 02:07 PM

Post the following (where applicable)...
- Relavent /var/log/messages and /var/log/secure.log (or equivalent) entries.
- /etc/pam.d/passwd and /etc/pam.d/su contents.
- Result of pwck and grpck.

ar1 · 02-17-2004, 01:52 PM

Here is /var/log/secure:

Dec 3 01:37:08 localhost xinetd[1168]: START: sgi_fam pid=1653 from=<no address>
Dec 3 01:41:32 localhost xinetd[1168]: START: sgi_fam pid=2072 from=<no address>
Dec 3 01:42:30 localhost xinetd[1168]: START: sgi_fam pid=2263 from=<no address>
Dec 3 01:54:43 localhost xinetd[1168]: START: sgi_fam pid=2835 from=<no address>
Dec 3 10:16:25 localhost xinetd[1228]: START: sgi_fam pid=1725 from=<no address>
Dec 3 10:19:44 localhost xinetd[1226]: START: sgi_fam pid=1736 from=<no address>
Dec 3 17:50:56 localhost xinetd[1229]: START: sgi_fam pid=1720 from=<no address>
Dec 4 00:25:00 localhost groupadd[3824]: new group: name=fileshare, gid=425

here is /etc/pam.d/passwd:

#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth

and here is /etc/pam.d/su:

#%PAM-1.0
auth sufficient /lib/security/pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient /lib/security/pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth required /lib/security/pam_wheel.so use_uid
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_xauth.so

Output of pwck [run as root]:

user adm: directory /var/adm does not exist
user news: directory /var/spool/news does not exist
user uucp: directory /var/spool/uucp does not exist
pwck: no changes

Output of pwck [run as non-root]:
pwck: cannot lock file /etc/passwd

Output of grpck [as root]:
NO OUTPUT, JUST GOES TO NEW LINE, NO ERROR

Output of grpck [non-root]:
grpck: cannot lock file /etc/group

ugenn · 02-18-2004, 12:36 AM

The configs seem ok (except the missing dirs).

For passwd, is the passwd binary's suid bit set? Then try editing /etc/pam.d/passwd (make a backup first) and replace all the lines with the following...
#%PAM-1.0
auth required pam_deny.so
password sufficient pam_unix.so md5 shadow
password required pam_deny.so
account required pam_deny.so
session required pam_deny.so

If making the above changes do work, then the problem should be in the /etc/pam.d/system-auth config file.

Also, are those the immediate log entries after running passwd?

For the su problem, did you try to su from a user shell or were you already root? If you are already in a root shell, su will not ask for a password.

jlliagre · 02-18-2004, 06:00 PM

Is your /etc/shadow file either missing or empty so the passwords are located in the /etc/passwd file ?
If true, use "pwconv" to create a shadow file.
The "passwd" command should work then.

Stefan Pantiru · 04-09-2004, 04:10 PM

...and it does... Thanks, jlliagre. (Obviously had the same problem...)