[Bug 220780] New: user passwords are lost when editing other ldap attributes of a user via yast
https://bugzilla.novell.com/show_bug.cgi?id=220780 Summary: user passwords are lost when editing other ldap attributes of a user via yast Product: SUSE Linux 10.1 Version: Final Platform: x86-64 OS/Version: SuSE Linux 10.1 Status: NEW Severity: Normal Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: reitenbach@rapideye.de QAContact: jsrain@novell.com 1. In yast 2 I entered the user configuration, choose LDAP users from the filter 2. I changed the shell of a user from /bin/csh to /bin/bash 3. saved the new configuration and left yast result: - not only the shell was updated, but also the password somehow, because the user was unable to log in afterwards expected result: - only the field that changed has to be updated I have seen the same behavior on a SLES9 server before too. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 mhorvath@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |reitenbach@rapideye.de ------- Comment #1 from mhorvath@novell.com 2006-11-15 08:12 MST ------- Please provide the YaST log files. http://en.opensuse.org/Bugs/YaST -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 reitenbach@rapideye.de changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |RESOLVED Info Provider|reitenbach@rapideye.de | Resolution| |INVALID ------- Comment #2 from reitenbach@rapideye.de 2006-11-23 02:33 MST ------- I am unable to reproduce it again, might be a user error, I'll close this bug and open a new one, if it happens again, then with a yast log. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 ------- Comment #3 from reitenbach@rapideye.de 2006-12-13 10:05 MST ------- Created an attachment (id=109588) --> (https://bugzilla.novell.com/attachment.cgi?id=109588&action=view) the requested yast 2 log file -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 reitenbach@rapideye.de changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|INVALID | ------- Comment #4 from reitenbach@rapideye.de 2006-12-13 10:07 MST ------- it happended again, see uploaded logfile -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 mhorvath@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team- |jsuchome@novell.com |screening@forge.provo.novell| |.com | Status|REOPENED |NEW -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 jsuchome@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |reitenbach@rapideye.de ------- Comment #5 from jsuchome@novell.com 2006-12-14 06:38 MST ------- Sorry, I'm not able to realize where the problem is from current logfiles. It could be possible if I provide you with some patches, enhancing the log with more debug messages. But for this, I need to know better what did you do. How exactly did you reproduce the problem? Was it changing of shell value again or something different? Does it reproduce every time you want to change the shell value or do you have to do some other steps? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 ------- Comment #6 from reitenbach@rapideye.de 2006-12-18 04:23 MST ------- what I have done: I started up yast, opened security and users opened the users configuration set the filter to show the ldap users changed the shell of about 5 users from csh to bash saved it and exited. I'll check if I can reproduce it on every time when I change the shell. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 ------- Comment #7 from jsuchome@novell.com 2007-01-09 02:27 MST ------- Any news? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 reitenbach@rapideye.de changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|reitenbach@rapideye.de | ------- Comment #8 from reitenbach@rapideye.de 2007-01-09 12:07 MST ------- I think I found out how to reproduce it: issue the passwd command on the command line, provide the old LDAP password, and enter a new one twice. Then start yast go to security and users -> user management then set the filter for the ldap users and log in then change the shell and save and leave user management then try ssh localhost, and see a permission denied, try again. this worked three times in a row. the issueing of the passwd command and running yast were on the same host. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 jsuchome@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |reitenbach@rapideye.de ------- Comment #9 from jsuchome@novell.com 2007-01-15 06:31 MST ------- Does it work the same way if you change any other value than shell? Could you please save the ldapsearch output for that one specific user (just before you open yast), than do the yast action and do the ldapsearch again and see the exact difference between those 2 outputs? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 ------- Comment #10 from jsuchome@novell.com 2007-01-15 06:35 MST ------- Created an attachment (id=112972) --> (https://bugzilla.novell.com/attachment.cgi?id=112972&action=view) patch for /usr/share/YaST2/modules/UsersLDAP.pm Before running YaST, please patch your /usr/share/YaST2/modules/UsersLDAP.pm with this patch and after the test, attach also new y2logs. And please, tell me the name of user which is the being tested. Thanks! -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 reitenbach@rapideye.de changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|reitenbach@rapideye.de | ------- Comment #11 from reitenbach@rapideye.de 2007-01-15 10:38 MST ------- the user is sre I changed the (LDAP) group association, and it also breaks the password, therefore the problem is not only bound to the shell. here the requested diff of the ldapsearch output, and indeed, the password changes: diff ldapsearch* 40d39 < userPassword:: e2NyeXB0fSQxJE81QkMwQ0R0JFAvcnlJcjVLenMzdWI3RThEUEo4Mi4= 42,44c41 < entryCSN: 20070115173306Z#000001#00#000000 < modifiersName: uid=sre,ou=people,dc=intern < modifyTimestamp: 20070115173306Z ---
userPassword:: e21kNX17Y3J5cHR9JDEkTzVCQzBDRHQkUC9yeUlyNUt6czN1YjdFOERQSjgyLg=
the original password was: TESTtestTEST (just for testing ;) the y2log file, with the patch will be appended. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 ------- Comment #12 from reitenbach@rapideye.de 2007-01-15 10:40 MST ------- Created an attachment (id=113016) --> (https://bugzilla.novell.com/attachment.cgi?id=113016&action=view) requested log file the log file, while adding user sre to a ldap group. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 jsuchome@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |reitenbach@rapideye.de ------- Comment #13 from jsuchome@novell.com 2007-01-16 01:59 MST ------- BTW, what is your version of yast2-users? The bug seems like a duplicate of bug 213574 (please do the same check as in comment 3 of that bug). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 reitenbach@rapideye.de changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|reitenbach@rapideye.de | ------- Comment #14 from reitenbach@rapideye.de 2007-01-16 11:22 MST ------- # userconfiguration, ldapconfig, intern dn: cn=userconfiguration,ou=ldapconfig,dc=intern susePasswordHash: MD5 I use following version: yast2-users-2.13.16-10 in /etc/default/passwd is following defined: # This file contains some information for # the passwd (1) command and other tools # creating or modifying passwords. # Define default crypt hash # CRYPT={des,md5,blowfish} CRYPT=md5 # Use another crypt hash for group passwowrds. # This is used by gpasswd, fallback is the CRYPT entry. # GROUP_CRYPT=des # We can override the default for a special service # by appending the service name (FILES, YP, NISPLUS, LDAP) # for local files, use a more secure hash. We # don't need to be portable here: CRYPT_FILES=md5 # sometimes we need to specify special options for # a hash (variable is prepended by the name of the # crypt hash). BLOWFISH_CRYPT_FILES=10 # For NIS, we should always use DES: CRYPT_YP=des ~ -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 jsuchome@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #112972|0 |1 is obsolete| | ------- Comment #15 from jsuchome@novell.com 2007-01-17 01:16 MST ------- Created an attachment (id=113280) --> (https://bugzilla.novell.com/attachment.cgi?id=113280&action=view) patch for /usr/share/YaST2/modules/UsersLDAP.pm Could you try this new patch (with new y2logs if it is not succesful)? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 jsuchome@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |reitenbach@rapideye.de -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 reitenbach@rapideye.de changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|reitenbach@rapideye.de | ------- Comment #16 from reitenbach@rapideye.de 2007-01-17 07:38 MST ------- this new patch seems to fix the problem 1. I chaged the password on command line 2. then changed ldap group association in Yast and saved it 3. still possible to login with password thanks a lot -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=220780 jsuchome@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |DUPLICATE ------- Comment #17 from jsuchome@novell.com 2007-01-17 07:45 MST ------- So it is a dup. *** This bug has been marked as a duplicate of bug 213574 *** -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
participants (1)
-
bugzilla_noreply@novell.com