[Bug 343279] New: kdepasswd and ldap
https://bugzilla.novell.com/show_bug.cgi?id=343279 Summary: kdepasswd and ldap Product: openSUSE 10.3 Version: Final Platform: x86-64 OS/Version: openSUSE 10.3 Status: NEW Severity: Normal Priority: P5 - None Component: KDE AssignedTo: kde-maintainers@suse.de ReportedBy: kames@ibg-monforts.de QAContact: qa@suse.de Found By: --- It`s not passible to change a user password by using kdepasswd. The only error message in messages is passwd[30147]: pam_unix2(passwd:chauthtok): user "xxxx" does not exist in /etc/passwd or NIS I use the same /etc/pam.d/* in a opensuse 10.2 enviroments. And there is no Problem. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=343279#c1 Dirk Mueller <dmueller@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |mc@novell.com --- Comment #1 from Dirk Mueller <dmueller@novell.com> 2007-11-27 07:00:16 MST --- any idea what has changed? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=343279#c2 Michael Calmer <mc@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mc@novell.com, rhafer@novell.com Info Provider|mc@novell.com |kames@ibg-monforts.de --- Comment #2 from Michael Calmer <mc@novell.com> 2007-11-27 08:42:17 MST --- I think the message is correct, but the user exists in ldap, right? Please attach /etc/pam.d/* -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=343279#c3 Bastian Kames <kames@ibg-monforts.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|kames@ibg-monforts.de | --- Comment #3 from Bastian Kames <kames@ibg-monforts.de> 2007-11-27 09:54:26 MST --- Created an attachment (id=184916) --> (https://bugzilla.novell.com/attachment.cgi?id=184916) pam.d.tar -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=343279 Dirk Mueller <dmueller@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |mc@novell.com -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=343279#c4 Michael Calmer <mc@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Info Provider|mc@novell.com |rhafer@novell.com --- Comment #4 from Michael Calmer <mc@novell.com> 2007-11-30 05:19:07 MST --- password requisite pam_pwcheck.so nullok cracklib password sufficient pam_unix2.so nullok use_authtok password required pam_ldap.so try_first_pass use_authtok If pam_unix2 failed it goes to the next module(pam_ldap). pam_ldap is a very quiet module, sometimes it does not log errors. Needinfo to the pam_ldap maintainer. Ralf: what can we test to find out if pam_ldap is failing. Bastian: please try to enable all debugging with $> pam-config -a --pam-debug try to change the password and send /var/log/messages, please. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=343279#c5 --- Comment #5 from Bastian Kames <kames@ibg-monforts.de> 2007-11-30 05:55:36 MST --- Okay, but pam_ldap is not failing because login works great. changing password debug passwd[11847]: pam_pwcheck(passwd:chauthtok): pam_sm_chauthtok entered passwd[11847]: pam_pwcheck(passwd:chauthtok): pam_sm_chauthtok(PAM_PRELIM_CHECK) passwd[11847]: pam_unix2(passwd:chauthtok): pam_sm_chauthtok() called passwd[11847]: pam_unix2(passwd:chauthtok): username=[bastian] passwd[11847]: pam_unix2(passwd:chauthtok): user "bastian" does not exist in /etc/passwd or NIS passwd[11847]: pam_pwcheck(passwd:chauthtok): pam_sm_chauthtok entered passwd[11847]: pam_pwcheck(passwd:chauthtok): get old auth token passwd[11847]: pam_pwcheck(passwd:chauthtok): new auth token not set login debug kcheckpass[11850]: pam_unix2(kcheckpass:auth): pam_sm_authenticate() called kcheckpass[11850]: pam_unix2(kcheckpass:auth): username=[bastian] kcheckpass[11850]: pam_unix2(kcheckpass:auth): wrong password, return PAM_AUTH_ERR kcheckpass[11850]: pam_unix2(kcheckpass:setcred): pam_sm_setcred() called kcheckpass[11850]: pam_unix2(kcheckpass:setcred): username=[bastian] kcheckpass[11850]: pam_unix2(kcheckpass:setcred): pam_sm_setcred: PAM_SUCCESS -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=343279#c6 Ralf Haferkamp <rhafer@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|rhafer@novell.com | --- Comment #6 from Ralf Haferkamp <rhafer@novell.com> 2007-11-30 07:31:34 MST --- (In reply to comment #4 from Michael Calmer)
password requisite pam_pwcheck.so nullok cracklib password sufficient pam_unix2.so nullok use_authtok password required pam_ldap.so try_first_pass use_authtok
If pam_unix2 failed it goes to the next module(pam_ldap). pam_ldap is a very quiet module, sometimes it does not log errors.
Needinfo to the pam_ldap maintainer.
Ralf: what can we test to find out if pam_ldap is failing.
Your right pam_ldap is pretty quite when it comes to debugging but in case of failures it usually logs something to /var/log/messages: ------------------------- pam_ldap: error trying to bind as user "uid=test,ou=people,dc=ldap-test,dc=site" (Invalid credentials) ------------------------- -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=343279#c7 Ralf Haferkamp <rhafer@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |kames@ibg-monforts.de --- Comment #7 from Ralf Haferkamp <rhafer@novell.com> 2007-11-30 07:33:34 MST --- Btw, does the normal "passwd" command work for you? If it fails as well, what errormessages does it give you? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=343279#c8 --- Comment #8 from Bastian Kames <kames@ibg-monforts.de> 2007-11-30 22:37:03 MST --- yes, passwd works, and changed the password in the ldap. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=343279 User aj@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=343279#c9 Andreas Jaeger <aj@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|kames@ibg-monforts.de | --- Comment #9 from Andreas Jaeger <aj@novell.com> 2008-02-22 06:56:57 MST --- Info was provided. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=343279 Dirk Mueller <dmueller@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P2 - High -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=343279 User llunak@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=343279#c10 Lubos Lunak <llunak@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |kames@ibg-monforts.de --- Comment #10 from Lubos Lunak <llunak@novell.com> 2009-01-08 07:25:54 MST --- Can you please try with a more recent version (either openSUSE11.1 or latest kdebase3 package from the KDE:KDE3 repository)? This should have been already fixed. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=343279 User kames@ibg-monforts.de added comment https://bugzilla.novell.com/show_bug.cgi?id=343279#c11 Bastian Kames <kames@ibg-monforts.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |RESOLVED Info Provider|kames@ibg-monforts.de | Resolution| |FIXED --- Comment #11 from Bastian Kames <kames@ibg-monforts.de> 2009-01-08 07:53:41 MST --- Okay, fixed in opensuse 11.0. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com