Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
02-16-2004, 01:31 PM
|
#1
|
|
Member
Registered: Nov 2003
Location: Bloomington, IL, USA
Distribution: Fedora Core 3
Posts: 126
Rep: 
|
passwd: User not known to the underlying authentication module
Hi
I can't change my password in Mandrake 9.2, for any user. Actually, neither root nor the other user has a passowrd at all, I can do su root without giving a password! It gives the following error if I try to change the passwd:
[root@localhost /]# passwd
Changing password for user root.
New UNIX password:
Retype new UNIX password:
passwd: User not known to the underlying authentication module
|
|
|
|
|
02-16-2004, 02:07 PM
|
#2
|
|
Member
Registered: Apr 2002
Posts: 549
Rep:
|
Post the following (where applicable)...
- Relavent /var/log/messages and /var/log/secure.log (or equivalent) entries.
- /etc/pam.d/passwd and /etc/pam.d/su contents.
- Result of pwck and grpck.
|
|
|
|
|
02-17-2004, 01:52 PM
|
#3
|
|
Member
Registered: Nov 2003
Location: Bloomington, IL, USA
Distribution: Fedora Core 3
Posts: 126
Original Poster
Rep:
|
Here is /var/log/secure:
Dec 3 01:37:08 localhost xinetd[1168]: START: sgi_fam pid=1653 from=<no address>
Dec 3 01:41:32 localhost xinetd[1168]: START: sgi_fam pid=2072 from=<no address>
Dec 3 01:42:30 localhost xinetd[1168]: START: sgi_fam pid=2263 from=<no address>
Dec 3 01:54:43 localhost xinetd[1168]: START: sgi_fam pid=2835 from=<no address>
Dec 3 10:16:25 localhost xinetd[1228]: START: sgi_fam pid=1725 from=<no address>
Dec 3 10:19:44 localhost xinetd[1226]: START: sgi_fam pid=1736 from=<no address>
Dec 3 17:50:56 localhost xinetd[1229]: START: sgi_fam pid=1720 from=<no address>
Dec 4 00:25:00 localhost groupadd[3824]: new group: name=fileshare, gid=425
here is /etc/pam.d/passwd:
#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
and here is /etc/pam.d/su:
#%PAM-1.0
auth sufficient /lib/security/pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient /lib/security/pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth required /lib/security/pam_wheel.so use_uid
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_xauth.so
Output of pwck [run as root]:
user adm: directory /var/adm does not exist
user news: directory /var/spool/news does not exist
user uucp: directory /var/spool/uucp does not exist
pwck: no changes
Output of pwck [run as non-root]:
pwck: cannot lock file /etc/passwd
Output of grpck [as root]:
NO OUTPUT, JUST GOES TO NEW LINE, NO ERROR
Output of grpck [non-root]:
grpck: cannot lock file /etc/group
|
|
|
|
|
02-18-2004, 12:36 AM
|
#4
|
|
Member
Registered: Apr 2002
Posts: 549
Rep:
|
The configs seem ok (except the missing dirs).
For passwd, is the passwd binary's suid bit set? Then try editing /etc/pam.d/passwd (make a backup first) and replace all the lines with the following...
#%PAM-1.0
auth required pam_deny.so
password sufficient pam_unix.so md5 shadow
password required pam_deny.so
account required pam_deny.so
session required pam_deny.so
If making the above changes do work, then the problem should be in the /etc/pam.d/system-auth config file.
Also, are those the immediate log entries after running passwd?
For the su problem, did you try to su from a user shell or were you already root? If you are already in a root shell, su will not ask for a password.
|
|
|
|
|
02-18-2004, 06:00 PM
|
#5
|
|
Moderator
Registered: Feb 2004
Location: Outside Paris
Distribution: Solaris 11.4, Oracle Linux, Mint, Debian/WSL
Posts: 9,795
|
Is your /etc/shadow file either missing or empty so the passwords are located in the /etc/passwd file ?
If true, use "pwconv" to create a shadow file.
The "passwd" command should work then.
Last edited by jlliagre; 02-19-2004 at 03:43 PM.
|
|
|
|
|
04-09-2004, 04:10 PM
|
#6
|
|
LQ Newbie
Registered: Apr 2004
Location: Iasi, Romania
Distribution: Gentoo && Fedora
Posts: 9
Rep: 
|
...and it does... Thanks, jlliagre. (Obviously had the same problem...)
|
|
|
|
All times are GMT -5. The time now is 02:09 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
