martyn.a.roberts at bt.com
2001-Nov-06 18:55 UTC
Solaris 7 changing password via PAM reply
Hi, Sorry no core dumps, the sshd programme is perfectly happy just fails to consider changing the password. Cheers, Martyn -----Original Message----- From: Ed Phillips [mailto:ed at UDel.Edu] Sent: 06 November 2001 18:38 To: Roberts,M,Martyn,IVLH4 C Cc: openssh-unix-dev Subject: Re: Solaris 7 changing password via PAM On Tue, 6 Nov 2001 martyn.a.roberts at bt.com wrote:> Date: Tue, 6 Nov 2001 17:58:54 -0000 > From: martyn.a.roberts at bt.com > To: openssh-unix-dev at mindrot.org > Subject: Solaris 7 changing password via PAM > > Hi, > > I am having a problem with the issue of changing the password for anexpired> user (passed -f <user>). > The version of Openssh is 2.9.9p3 compiled with gcc 2.95.3, configured > --with-pam. > > The user can login fine when the password is not expired. Once thepassword> is expired the user is connected and told the password has expired and is > asked to change it. The user is prompted for the old password, this isthen> entered (without echoing, - the RP_ALLOW_STDIN code change has beenapplied)> as soon as carriage-return is hit the used it disconnected. > The error appears to be with the chauthtok function call.Does sshd dump core? What's the stack trace? That'd help a lot - knowing what the calling routine was (before it got into PAM-land)...> Building the same code functions correctly on Solaris 8. > I have had to return the box to work (albeit with a non expiry changing > Openssh) so will take a little while if I have to get hold of lots ofdebug> logs. Am hoping that someone has already seen this? (fingers crossed ;-)Oh... well can you sneak in and run adb on the core? Thanks, Ed Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082 Systems Programmer III, Network and Systems Services finger -l ed at polycut.nss.udel.edu for PGP public key
Maybe Darren can reproduce this? On Tue, 6 Nov 2001 martyn.a.roberts at bt.com wrote:> Date: Tue, 6 Nov 2001 18:55:03 -0000 > From: martyn.a.roberts at bt.com > To: openssh-unix-dev at mindrot.org > Subject: RE: Solaris 7 changing password via PAM reply > > Hi, > > Sorry no core dumps, the sshd programme is perfectly happy just fails to > consider changing the password. > > Cheers, > Martyn > > -----Original Message----- > From: Ed Phillips [mailto:ed at UDel.Edu] > Sent: 06 November 2001 18:38 > To: Roberts,M,Martyn,IVLH4 C > Cc: openssh-unix-dev > Subject: Re: Solaris 7 changing password via PAM > > > On Tue, 6 Nov 2001 martyn.a.roberts at bt.com wrote: > > > Date: Tue, 6 Nov 2001 17:58:54 -0000 > > From: martyn.a.roberts at bt.com > > To: openssh-unix-dev at mindrot.org > > Subject: Solaris 7 changing password via PAM > > > > Hi, > > > > I am having a problem with the issue of changing the password for an > expired > > user (passed -f <user>). > > The version of Openssh is 2.9.9p3 compiled with gcc 2.95.3, configured > > --with-pam. > > > > The user can login fine when the password is not expired. Once the > password > > is expired the user is connected and told the password has expired and is > > asked to change it. The user is prompted for the old password, this is > then > > entered (without echoing, - the RP_ALLOW_STDIN code change has been > applied) > > as soon as carriage-return is hit the used it disconnected. > > The error appears to be with the chauthtok function call. > > Does sshd dump core? What's the stack trace? That'd help a lot - knowing > what the calling routine was (before it got into PAM-land)... > > > Building the same code functions correctly on Solaris 8. > > I have had to return the box to work (albeit with a non expiry changing > > Openssh) so will take a little while if I have to get hold of lots of > debug > > logs. Am hoping that someone has already seen this? (fingers crossed ;-) > > Oh... well can you sneak in and run adb on the core? > > Thanks, > > Ed > > Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082 > Systems Programmer III, Network and Systems Services > finger -l ed at polycut.nss.udel.edu for PGP public key >Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082 Systems Programmer III, Network and Systems Services finger -l ed at polycut.nss.udel.edu for PGP public key