Passwd command problem


 
Thread Tools Search this Thread
Homework and Emergencies Emergency UNIX and Linux Support Passwd command problem
# 1  
Old 11-12-2009
Bug Passwd command problem

on Runnning passwd command on HPUX 11.23

I am getting

pam_chauthtok: Shared object load failure.


Pls help ...
# 2  
Old 11-12-2009
Has the pam.conf got changed ?

IT Resource Center forums - cannot change a password, Problem with pam_chauthtok - This thread has been closed

-- The following answer was provided by a user on those forums: --
Quote:
thank you very much. pam.conf was the problem. As I neither did the setup nor the updates I can only gues but it looks like someone "played" with the pam.conf and made additional entries. With the last patchbundle came additional stuff into this file and this caused the problems.

The other node in the cluster had not a modified pam.conf and there the patchbunde worked perfect. First time I`m happy that the nodes in these clusters have different setups...

Last edited by otheus; 11-13-2009 at 07:10 AM.. Reason: Included relevant quote from the forum posting
# 3  
Old 11-12-2009
Check your pam.conf is modified or pam_chauthtok may corrupted .. Smilie
# 4  
Old 11-13-2009
Bug

unable to figureout . might be someone tinkered withthe pam.conf .
seems reinstallation is the only solution

thanks the geek and katb .. I had checked the HP forum that you hyperlinked .. still clueless

pam_chauthtok doesnt exist on our system :-(
# 5  
Old 11-13-2009
Okay, REMOVE the line in pam.conf that refers to pam_chauthtok. It's probably unnecessary.

Look, PAM has three parts: a configuration file, a set of modules which do the hard work, and an API for applications (like "passwd" and "login") to interface to. Each application can use PAM how it wants, but there are general guidelines everyone follows. First, each application will go through PAM's "auth" service, which authenticates the user of the application. This is where "passwd" asks for your existing password and then uses each module that is configured in "pam.conf" (for "passwd" program) and invokes the "auth" service for all modules listed in the "auth" service; a failure in any one of the required modules will fail the whole service. Then, the "passwd" program will ask you for your new password (twice) and will then invoke the "password" service for each module listed in pam.conf for the passwd program under the "password" service; again, a failure for any required module will fail the whole service. In your case the failure is for a module failing to load. I suspect the chauthtok module is not really needed. So you can remove the line in pam.conf that says something like:
Code:
 passwd  password  required  pam_chauthtok.so

Now, if I'm wrong, one possibility is that passwd will fail "silently". That is, it will tell you it worked, when in fact, no change to the shadow file was actually made. In this case, it might be that pam_chauthtok was removed or that it is another module here that is needed.
# 6  
Old 11-16-2009
Hi otheus ,
following are the contents of my pam.conf file

#
# PAM configuration
#
# Notes:
#
# If the path to a library is not absolute, it is assumed to be
# relative to the directory /usr/lib/security/$ISA/
#
# For PA applications, /usr/lib/security/$ISA/libpam_unix.so.1 is a
# symbolic link that points to the corresponding PA (32 or 64-bit) PAM
# backend library.
#
# The $ISA (i.e. Instruction Set Architecture) token will be replaced
# by the PAM engine with an appropriate directory string.
# See pam.conf(4).
#
# Also note that the use of pam_hpsec(5) is mandatory for some of
# the services. See pam_hpsec(5).
#
# Authentication management
#
login auth required libpam_hpsec.so.1
login auth required libpam_unix.so.1
su auth required libpam_unix.so.1
dtlogin auth required libpam_hpsec.so.1
dtlogin auth required libpam_unix.so.1
dtaction auth required libpam_hpsec.so.1
dtaction auth required libpam_unix.so.1
ftp auth required libpam_hpsec.so.1
ftp auth required libpam_unix.so.1
rcomds auth required libpam_hpsec.so.1
rcomds auth required libpam_unix.so.1
sshd auth required libpam_hpsec.so.1
sshd auth required libpam_unix.so.1
OTHER auth required libpam_unix.so.1
#
# Account management
#
login account required libpam_hpsec.so.1
login account required libpam_unix.so.1
su account required libpam_unix.so.1
dtlogin account required libpam_hpsec.so.1
dtlogin account required libpam_unix.so.1
dtaction account required libpam_hpsec.so.1
dtaction account required libpam_unix.so.1
ftp account required libpam_hpsec.so.1
ftp account required libpam_unix.so.1
rcomds account required libpam_hpsec.so.1
rcomds account required libpam_unix.so.1
sshd account required libpam_hpsec.so.1
sshd account required libpam_unix.so.1
OTHER account required libpam_unix.so.1
#
# Session management
#
login session required libpam_hpsec.so.1
login session required libpam_unix.so.1
dtlogin session required libpam_hpsec.so.1
dtlogin session required libpam_unix.so.1
ftp session required libpam_hpsec.so.1 bypass_limit_login bypass_umask bypass_nologin
ftp session required libpam_unix.so.1
rcomds session required libpam_hpsec.so.1 bypass_limit_login
rcomds session required libpam_unix.so.1
sshd session required libpam_hpsec.so.1
sshd session required libpam_unix.so.1
OTHER session required libpam_unix.so.1
#
# Password management
#
login password required libpam_hpsec.so.1
login password required libpam_unix.so.1
passwd password required libpam_hpsec.so.1
passwd password required libpam_unix.so.1
dtlogin password required libpam_hpsec.so.1
dtlogin password required libpam_unix.so.1
sshd password required libpam_hpsec.so.1
sshd password required libpam_unix.so.1
OTHER password required libpam_unix.so.1


I commented the line " passwd password required libpam_unix.so.1 "

But it didnt help.. Also we dont have /etc/shadow file nor /etc/pam_chauthtok . Ii verified the other servers also ..

Pls help
# 7  
Old 11-16-2009
Quote:
I commented the line " passwd password required libpam_unix.so.1 "
That line should STAY in.
Quote:
/etc/shadow file nor /etc/pam_chauthtok
I don't understand why you have no shadow file. Perhaps this is not a feature in HPUX. /etc/pam_chauthtok wouldn't exist. Is there a /etc/pam.d/passwd file?

Now that I've seen your pam.conf file, tThe whole thing sounds fishy. I'll bring this one to the attention of someone more versant in HPUX than myself.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Solaris

passwd command validation

hi Actually the normal user as the permission of executing the passwd command due to suid program... eg consider the two users (normal user) as tom & jerry! when tom executes command as " passwd tom" no issue here... In the same way when the same user tom uses the command as "passwd jerry" ... (1 Reply)
Discussion started by: sriniv666
1 Replies

2. Solaris

Solaris passwd problem

Hi, I am using solaris 10. i am facing a strange problem regarding os passwd. i have a user oracle with passwd abc123 when i open a putty session with the os using abc123 it logs on. but if i use abc123!@# it agian log on without passwd error. I came to know about the issue that if i... (5 Replies)
Discussion started by: malikshahid85
5 Replies

3. Programming

C++ - Problem in asking and checking user's passwd

This is the source code: #include <pwd.h> #include <iostream> #include <string.h> using namespace std; int main() { struct passwd *user; char login="alex", password="qwertyuiop"; if ((user= getpwnam(login)) == NULL) cout << "No such user\n"; else if... (24 Replies)
Discussion started by: hakermania
24 Replies

4. UNIX for Dummies Questions & Answers

passwd command what is the meaning

Hello to everybody i have question i do the passwd -s -a commando and what to knos what is the meaning of the second row. PS NL LK to the side is the date of expiraton and then a 7 a 90 what is the meaning of all that? tHANK YOU FOR YOUR TIME. (1 Reply)
Discussion started by: enkei17
1 Replies

5. UNIX for Dummies Questions & Answers

Passwd command not working

on Runnning passwd command on HPUX 11.23 I am getting pam_chauthtok: Shared object load failure. Pls help ... (1 Reply)
Discussion started by: ultimatix
1 Replies

6. HP-UX

Openspool problem when changing /etc/passwd permissions

My goal is to protect the /etc/passwd from unauthorized viewing. I wish ti change the permissions of the file to : -r--r----- 1 root bin so only root or accounts of the "bin" group could query this sensitive file. All our other processes have been ajusted to not need any info from... (16 Replies)
Discussion started by: MartinGravel
16 Replies

7. Linux

how to get passwd command again if it is deleted by usin rm command

hai friends i have deleted passwd command using rm command i thought it will come again at the time of rebooting but it is completely deleted how to get it worked again (5 Replies)
Discussion started by: venkata.ganesh
5 Replies

8. Solaris

passwd command search

Hi. When i execute which passwdit is showing /usr/bin/passwd, eventhough i set my path as PATH=/etc:$PATH i just checked the permission for the passwd under /usr/bin -r-sr-sr-x what exactly happening? and what is that s signifies Thanks. (5 Replies)
Discussion started by: shahnazurs
5 Replies

9. UNIX for Dummies Questions & Answers

Plink problem....only works if passwd is in the script

I have a one line bat script run off a XP machine that tar's and compresses some files from a Sol 8 box. It goes something like this (a bit simplified).... plink -pw <passwd> user@host "tar -cvf - -C / tmp/a_file | compress " > a_file.tar.Z So this works....and it's worked many times. But now... (3 Replies)
Discussion started by: Yinzer955i
3 Replies

10. Solaris

problem in changing the NIS passwd

Now I face a problem in changing the NIS passwd,I have no idea,want you to help me! Today I add some user in the NIS master server ,I "vi" /etc/passwd &/etc/shadow,add user account and password by hand(shadow----no password ,only eight ":"). when finsh,I login ,system told me to input a password... (3 Replies)
Discussion started by: dlsjm
3 Replies
Login or Register to Ask a Question