11-12-2009
Has the pam.conf got changed ?
IT Resource Center forums - cannot change a password, Problem with pam_chauthtok - This thread has been closed
-- The following answer was provided by a user on those forums: --
Quote:
thank you very much. pam.conf was the problem. As I neither did the setup nor the updates I can only gues but it looks like someone "played" with the pam.conf and made additional entries. With the last patchbundle came additional stuff into this file and this caused the problems.
The other node in the cluster had not a modified pam.conf and there the patchbunde worked perfect. First time I`m happy that the nodes in these clusters have different setups...
Last edited by otheus; 11-13-2009 at 07:10 AM..
Reason: Included relevant quote from the forum posting
10 More Discussions You Might Find Interesting
1. Solaris
Now I face a problem in changing the NIS passwd,I have no idea,want you to help me!
Today I add some user in the NIS master server ,I "vi" /etc/passwd &/etc/shadow,add user account and password by hand(shadow----no password ,only eight ":").
when finsh,I login ,system told me to input a password... (3 Replies)
Discussion started by: dlsjm
3 Replies
2. UNIX for Dummies Questions & Answers
I have a one line bat script run off a XP machine that tar's and compresses some files from a Sol 8 box. It goes something like this (a bit simplified)....
plink -pw <passwd> user@host "tar -cvf - -C / tmp/a_file | compress " > a_file.tar.Z
So this works....and it's worked many times. But now... (3 Replies)
Discussion started by: Yinzer955i
3 Replies
3. Solaris
Hi.
When i execute
which passwdit is showing /usr/bin/passwd, eventhough i set my path as
PATH=/etc:$PATH
i just checked the permission for the passwd under /usr/bin
-r-sr-sr-x
what exactly happening? and what is that s signifies
Thanks. (5 Replies)
Discussion started by: shahnazurs
5 Replies
4. Linux
hai friends i have deleted passwd command using rm command i thought it will come again at the time of rebooting but it is completely deleted how to get it worked again (5 Replies)
Discussion started by: venkata.ganesh
5 Replies
5. HP-UX
My goal is to protect the /etc/passwd from unauthorized viewing. I wish ti change the permissions of the file to :
-r--r----- 1 root bin
so only root or accounts of the "bin" group could query this sensitive file. All our other processes have been ajusted to not need any info from... (16 Replies)
Discussion started by: MartinGravel
16 Replies
6. UNIX for Dummies Questions & Answers
on Runnning passwd command on HPUX 11.23
I am getting
pam_chauthtok: Shared object load failure.
Pls help ... (1 Reply)
Discussion started by: ultimatix
1 Replies
7. UNIX for Dummies Questions & Answers
Hello to everybody i have question i do the
passwd -s -a commando and what to knos what is the meaning
of the second row.
PS
NL
LK
to the side is the date of expiraton and then a 7 a 90 what is the meaning of all that? tHANK YOU FOR YOUR TIME. (1 Reply)
Discussion started by: enkei17
1 Replies
8. Programming
This is the source code:
#include <pwd.h>
#include <iostream>
#include <string.h>
using namespace std;
int main()
{
struct passwd *user;
char login="alex", password="qwertyuiop";
if ((user= getpwnam(login)) == NULL)
cout << "No such user\n";
else if... (24 Replies)
Discussion started by: hakermania
24 Replies
9. Solaris
Hi,
I am using solaris 10. i am facing a strange problem regarding os passwd. i have a user oracle with passwd abc123
when i open a putty session with the os using abc123 it logs on. but if i use abc123!@# it agian log on without passwd error.
I came to know about the issue that if i... (5 Replies)
Discussion started by: malikshahid85
5 Replies
10. Solaris
hi
Actually the normal user as the permission of executing the passwd command due to suid program... eg consider the two users (normal user) as tom & jerry! when tom executes command as " passwd tom" no issue here...
In the same way when the same user tom uses the command as "passwd jerry" ... (1 Reply)
Discussion started by: sriniv666
1 Replies
LEARN ABOUT HPUX
pam_sm_chauthtok
pam_sm_chauthtok(3) Library Functions Manual pam_sm_chauthtok(3)
NAME
pam_sm_chauthtok - Service provider implementation for pam_chauthtok
SYNOPSIS
[ flag ... ] file ... [ library ... ]
DESCRIPTION
In response to a call to the PAM framework calls from the modules listed in the pam.conf(4) file. The password management provider sup-
plies the back-end functionality for this interface function.
changes the authentication token associated with a particular user referenced by the authentication handle, pamh.
The following flag may be passed in to
The password service should not generate any messages.
The password service should only update those passwords that have aged.
If this flag is not passed, the password service should update all passwords.
The password service should only perform preliminary checks.
No passwords should be updated.
The password service should update passwords.
Note that and can not be set at the same time.
Upon successful completion of the call, the authentication token of the user will be ready for change or will be changed (depending upon
the flag) in accordance with the authentication scheme configured within the system.
The argc argument represents the number of module options passed in from the configuration file pam.conf(4). argv specifies the module
options, which are interpreted and processed by the password management service. Please refer to the specific module man pages for the
various available options.
It is the responsibility of to determine if the new password meets certain strength requirements. may continue to re-prompt the user (for
a limited number of times) for a new password until the password entered meets the strength requirements.
Before returning, should call and retrieve both and If both are NULL, should set them to the new and old passwords as entered by the user.
APPLICATION USAGE
Refer to pam(3) for information on thread-safety of PAM interfaces.
NOTES
The PAM framework invokes the password services twice. The first time the modules are invoked with the flag, During this stage, the pass-
word modules should only perform preliminary checks (ping remote name services to see if they are ready for updates, for example). If a
password module detects a transient error (remote name service temporarily down, for example) it should return to the PAM framework, which
will immediately return the error back to the application. If all password modules pass the preliminary check, the PAM framework invokes
the password services again with the flag, During this stage, each password module should proceed to update the appropriate password. Any
error will again be reported back to application.
If a service module receives the flag, it should check whether the password has aged or expired. If the password has aged or expired, then
the service module should proceed to update the password. If the status indicates that the password has not yet aged/expired, then the
password module should return
If a user's password has aged or expired, a PAM account module could save this information as state in the authentication handle, pamh,
using The related password management module could retrieve this information using to determine whether or not it should prompt the user to
update the password for this particular module.
RETURN VALUES
Upon successful completion, must be returned. The following values may also be returned:
No permission.
Authentication token manipulation error.
Old authentication token cannot be recovered.
Authentication token lock busy.
Authentication token aging disabled.
User unknown to password service.
Preliminary check by password service failed.
SEE ALSO
pam(3), pam_chauthtok(3), pam.conf(4).
pam_sm_chauthtok(3)