11-12-2009
Has the pam.conf got changed ?
IT Resource Center forums - cannot change a password, Problem with pam_chauthtok - This thread has been closed
-- The following answer was provided by a user on those forums: --
Quote:
thank you very much. pam.conf was the problem. As I neither did the setup nor the updates I can only gues but it looks like someone "played" with the pam.conf and made additional entries. With the last patchbundle came additional stuff into this file and this caused the problems.
The other node in the cluster had not a modified pam.conf and there the patchbunde worked perfect. First time I`m happy that the nodes in these clusters have different setups...
Last edited by otheus; 11-13-2009 at 07:10 AM..
Reason: Included relevant quote from the forum posting
10 More Discussions You Might Find Interesting
1. Solaris
Now I face a problem in changing the NIS passwd,I have no idea,want you to help me!
Today I add some user in the NIS master server ,I "vi" /etc/passwd &/etc/shadow,add user account and password by hand(shadow----no password ,only eight ":").
when finsh,I login ,system told me to input a password... (3 Replies)
Discussion started by: dlsjm
3 Replies
2. UNIX for Dummies Questions & Answers
I have a one line bat script run off a XP machine that tar's and compresses some files from a Sol 8 box. It goes something like this (a bit simplified)....
plink -pw <passwd> user@host "tar -cvf - -C / tmp/a_file | compress " > a_file.tar.Z
So this works....and it's worked many times. But now... (3 Replies)
Discussion started by: Yinzer955i
3 Replies
3. Solaris
Hi.
When i execute
which passwdit is showing /usr/bin/passwd, eventhough i set my path as
PATH=/etc:$PATH
i just checked the permission for the passwd under /usr/bin
-r-sr-sr-x
what exactly happening? and what is that s signifies
Thanks. (5 Replies)
Discussion started by: shahnazurs
5 Replies
4. Linux
hai friends i have deleted passwd command using rm command i thought it will come again at the time of rebooting but it is completely deleted how to get it worked again (5 Replies)
Discussion started by: venkata.ganesh
5 Replies
5. HP-UX
My goal is to protect the /etc/passwd from unauthorized viewing. I wish ti change the permissions of the file to :
-r--r----- 1 root bin
so only root or accounts of the "bin" group could query this sensitive file. All our other processes have been ajusted to not need any info from... (16 Replies)
Discussion started by: MartinGravel
16 Replies
6. UNIX for Dummies Questions & Answers
on Runnning passwd command on HPUX 11.23
I am getting
pam_chauthtok: Shared object load failure.
Pls help ... (1 Reply)
Discussion started by: ultimatix
1 Replies
7. UNIX for Dummies Questions & Answers
Hello to everybody i have question i do the
passwd -s -a commando and what to knos what is the meaning
of the second row.
PS
NL
LK
to the side is the date of expiraton and then a 7 a 90 what is the meaning of all that? tHANK YOU FOR YOUR TIME. (1 Reply)
Discussion started by: enkei17
1 Replies
8. Programming
This is the source code:
#include <pwd.h>
#include <iostream>
#include <string.h>
using namespace std;
int main()
{
struct passwd *user;
char login="alex", password="qwertyuiop";
if ((user= getpwnam(login)) == NULL)
cout << "No such user\n";
else if... (24 Replies)
Discussion started by: hakermania
24 Replies
9. Solaris
Hi,
I am using solaris 10. i am facing a strange problem regarding os passwd. i have a user oracle with passwd abc123
when i open a putty session with the os using abc123 it logs on. but if i use abc123!@# it agian log on without passwd error.
I came to know about the issue that if i... (5 Replies)
Discussion started by: malikshahid85
5 Replies
10. Solaris
hi
Actually the normal user as the permission of executing the passwd command due to suid program... eg consider the two users (normal user) as tom & jerry! when tom executes command as " passwd tom" no issue here...
In the same way when the same user tom uses the command as "passwd jerry" ... (1 Reply)
Discussion started by: sriniv666
1 Replies
LEARN ABOUT OPENSOLARIS
pam_chauthtok
pam_chauthtok(3PAM) PAM Library Functions pam_chauthtok(3PAM)
NAME
pam_chauthtok - perform password related functions within the PAM framework
SYNOPSIS
cc [ flag ... ] file ... -lpam [ library ... ]
#include <security/pam_appl.h>
int pam_chauthtok(pam_handle_t *pamh, const int flags);
DESCRIPTION
The pam_chauthtok() function is called to change the authentication token associated with a particular user referenced by the authentica-
tion handle pamh.
The following flag may be passed in to pam_chauthtok():
PAM_SILENT The password service should not generate any messages.
PAM_CHANGE_EXPIRED_AUTHTOK The password service should only update those passwords that have aged. If this flag is not passed, all pass-
word services should update their passwords.
PAM_NO_AUTHTOK_CHECK The password service should not perform conformance checks on the password entered.
Upon successful completion of the call, the authentication token of the user will be changed in accordance with the password service con-
figured in the system through pam.conf(4).
RETURN VALUES
Upon successful completion, PAM_SUCCESS is returned. In addition to the error return values described in pam(3PAM), the following values
may be returned:
PAM_PERM_DENIED No permission.
PAM_AUTHTOK_ERR Authentication token manipulation error.
PAM_AUTHTOK_RECOVERY_ERR Authentication information cannot be recovered.
PAM_AUTHTOK_LOCK_BUSY Authentication token lock busy.
PAM_AUTHTOK_DISABLE_AGING Authentication token aging disabled.
PAM_USER_UNKNOWN User unknown to password service.
PAM_TRY_AGAIN Preliminary check by password service failed.
ATTRIBUTES
See attributes(5) for description of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Interface Stability | Stable |
+-----------------------------+-----------------------------+
|MT-Level |MT-Safe with exceptions |
+-----------------------------+-----------------------------+
SEE ALSO
login(1), passwd(1), pam(3PAM), pam_authenticate(3PAM), pam_start(3PAM), attributes
NOTES
The flag PAM_CHANGE_EXPIRED_AUTHTOK is typically used by a login application which has determined that the user's password has aged or
expired. Before allowing the user to login, the login application may invoke pam_chauthtok() with this flag to allow the user to update the
password. Typically, applications such as passwd(1) should not use this flag.
The pam_chauthtok() functions performs a preliminary check before attempting to update passwords. This check is performed for each password
module in the stack as listed in pam.conf(4). The check may include pinging remote name services to determine if they are available. If
pam_chauthtok() returns PAM_TRY_AGAIN, then the check has failed, and passwords are not updated.
The flag PAM_NO_AUTHTOK_CHECK is typically used by programs that allow an administrator to bypass various password conformance checks when
setting a password for a user.
The interfaces in libpam are MT-Safe only if each thread within the multithreaded application uses its own PAM handle.
SunOS 5.11 1 Mar 2005 pam_chauthtok(3PAM)