topic Re: passwd: Authentication token manipulation error in Operating System - Linux

passwd: Authentication token manipulation error

joseph wholey — Tue, 28 Mar 2006 13:51:57 GMT

RHEL3 AS. I created a handful of userids on the system. When I log into the system as one of those users and issue "passwd" (to change the password), I get the following error.

passwd: Authentication token manipulation error

Any ideas.

Re: passwd: Authentication token manipulation error

Ivan Ferreira — Tue, 28 Mar 2006 13:57:31 GMT

Try running system-config-auth and configure the right values.

Re: passwd: Authentication token manipulation error

joseph wholey — Tue, 28 Mar 2006 14:05:11 GMT

If you are talking about the /etc/pam.d/system-auth, it has the same values as all of my other working systems. If you are in fact talking about a file called "system-config-auth", it doesn't exist.

Re: passwd: Authentication token manipulation error

Ivan Ferreira — Tue, 28 Mar 2006 14:18:25 GMT

It was system-config-authentication, and yes, I want that system-config-authentication set the right values for /etc/pam.d/passwd and related files. Check also /etc/nsswitch.conf.

Re: passwd: Authentication token manipulation error

joseph wholey — Tue, 28 Mar 2006 14:27:17 GMT

Ivan, can you be a little more clear on what you are saying... thx.

Re: passwd: Authentication token manipulation error

Rick Garland — Tue, 28 Mar 2006 15:12:03 GMT

I see this when there acct's corresponding entry is not in the /etc/shadow file.

This is 1 situation is which this error occurs.

Re: passwd: Authentication token manipulation error

Ivan Ferreira — Tue, 28 Mar 2006 15:26:27 GMT

How did you created these users? With useradd? Are you using something like NIS or LDAP?

What I mean is that running system-config-authentication you can configure the pam settings for the files located in /etc/pam.d.

In /etc/nsswitch.conf you should have something like this:

passwd: files nis
shadow: files nis
group: files nis

Re: passwd: Authentication token manipulation error

joseph wholey — Tue, 28 Mar 2006 15:46:25 GMT

Not running NIS or LDAP in my environment.

Re: passwd: Authentication token manipulation error

Vitaly Karasik_1 — Wed, 29 Mar 2006 04:49:00 GMT

Joseph,
So you're able to login with your user account (and not just "su" from root), but cannot change password using "passwd"?

Re: passwd: Authentication token manipulation error

joseph wholey — Wed, 29 Mar 2006 08:52:05 GMT

Correct.

Re: passwd: Authentication token manipulation error

Ivan Ferreira — Wed, 29 Mar 2006 09:13:36 GMT

What do you get when you run passwd in the /var/log/messages and /var/log/secure file?

Re: passwd: Authentication token manipulation error

Ivan Ferreira — Wed, 29 Mar 2006 09:32:49 GMT

Also, ensure that the passwd command has the SUID bit enabled and it's owned by root.root.

Re: passwd: Authentication token manipulation error

Vitaly Karasik_1 — Wed, 29 Mar 2006 11:41:10 GMT

- can you send us output of
"grep passwd /etc/nsswitch.conf"
- is it possible to change root's password?
- is root able to change user's password?

Re: passwd: Authentication token manipulation error

joseph wholey — Wed, 29 Mar 2006 11:47:46 GMT

- can you send us output of
"grep passwd /etc/nsswitch.conf"
[root@rhel012 u]# grep passwd /etc/nsswitch.conf
#passwd: db files ldap nis
passwd: files

- is it possible to change root's password?
yes

- is root able to change user's password?
yes

Re: passwd: Authentication token manipulation error

Vitaly Karasik_1 — Wed, 29 Mar 2006 12:16:22 GMT

Agree with Ivan - permission/ownership of /usr/bin/passwd may be a problem. Let's check integrity of "passwd" package with

rpm -V passwd

command. Output of this command should be empty if everything is OK.

Re: passwd: Authentication token manipulation error

joseph wholey — Wed, 29 Mar 2006 12:49:37 GMT

As indicated... no output.

Re: passwd: Authentication token manipulation error

Vitaly Karasik_1 — Wed, 29 Mar 2006 14:00:14 GMT

"chpw" output?

Re: passwd: Authentication token manipulation error

Steven Mertens — Wed, 29 Mar 2006 16:23:51 GMT

Hello,

Is it possible you never set an initial password for the users you created with root ?

Try first setting a password with root for
the users you created.
Login with one of the created users and try passwd then.

Hope this helps.

S.

Re: passwd: Authentication token manipulation error

joseph wholey — Thu, 30 Mar 2006 08:34:57 GMT

Possible... but not the case. I create the id, set the password, log in for the first time using that password, go to change the password, and then I get the error:

passwd: Authentication token manipulation error

thx

Is it possible you never set an initial password for the users you created with root ?

Try first setting a password with root for
the users you created.
Login with one of the created users and try passwd then.

Re: passwd: Authentication token manipulation error

Ivan Ferreira — Thu, 30 Mar 2006 09:11:55 GMT

Logs please! /var/log/message /var/log/secure after the passwd command.

Check permissions for the /etc/passwd and /etc/shadow file.

/etc/passwd root.root -rw-r--r--
/etc/shadow root.root -r--------