Bug ID 1178727
Summary pam_unix contains uninitialized var leading to bogus password expiry warning
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Basesystem
Assignee screening-team-bugs@suse.de
Reporter matz@suse.com
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

With current Tumbleweed, and in particular pam 1.4.0, when you login to machine
with an account with a shadow entry (e.g. with a NIS account), you might get
a bogus warning for an expiring password, e.g.:

% ssh zen2
Warning: your password will expire in 32767 days.
Last login: Thu Nov 12 13:54:17 2020 from 2620:113:80c0:8000:10:161:61:109
...

The number might change, and the warning might or might not be emitted.  The
reason is an uninitialized variable, fixed upstream with commit db6b293046a.

The change in verbatim is:

--------------------------
diff --git a/modules/pam_unix/pam_unix_acct.c
b/modules/pam_unix/pam_unix_acct.c
index de8d65c1..f46f2308 100644
--- a/modules/pam_unix/pam_unix_acct.c
+++ b/modules/pam_unix/pam_unix_acct.c
@@ -189,7 +189,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc,
const char **argv)
     unsigned long long ctrl;
     const void *void_uname;
     const char *uname;
-    int retval, daysleft;
+    int retval, daysleft = -1;
     char buf[256];

     D(("called."));

You are receiving this mail because: