Bug ID | 1178727 |
---|---|
Summary | pam_unix contains uninitialized var leading to bogus password expiry warning |
Classification | openSUSE |
Product | openSUSE Tumbleweed |
Version | Current |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Basesystem |
Assignee | screening-team-bugs@suse.de |
Reporter | matz@suse.com |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
With current Tumbleweed, and in particular pam 1.4.0, when you login to machine with an account with a shadow entry (e.g. with a NIS account), you might get a bogus warning for an expiring password, e.g.: % ssh zen2 Warning: your password will expire in 32767 days. Last login: Thu Nov 12 13:54:17 2020 from 2620:113:80c0:8000:10:161:61:109 ... The number might change, and the warning might or might not be emitted. The reason is an uninitialized variable, fixed upstream with commit db6b293046a. The change in verbatim is: -------------------------- diff --git a/modules/pam_unix/pam_unix_acct.c b/modules/pam_unix/pam_unix_acct.c index de8d65c1..f46f2308 100644 --- a/modules/pam_unix/pam_unix_acct.c +++ b/modules/pam_unix/pam_unix_acct.c @@ -189,7 +189,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv) unsigned long long ctrl; const void *void_uname; const char *uname; - int retval, daysleft; + int retval, daysleft = -1; char buf[256]; D(("called."));