- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- passwd: not allowed to run passwd
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-31-2004 04:13 AM
05-31-2004 04:13 AM
passwd: not allowed to run passwd
system, running passwd as root.
I am aware that root has a problem with overriding the u_pswduser= flag on 10.20 systems, and the default entry seems normal.
An example of an entry is:
sys:u_name=sys:u_id#3:\
:u_pwd=*:\
:u_auditid#3:\
:u_auditflag#1:\
:u_unsucchg#1086019826:u_suclog#890421064:u_lock@:\
:chkent:
root@ecdev105:/tcb/files/auth/s# passwd sys
Last successful password change for sys: NEVER
Last unsuccessful password change for sys: Mon May 31 12:10:26 2004
passwd: not allowed to run passwd
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-31-2004 06:33 PM
05-31-2004 06:33 PM
Re: passwd: not allowed to run passwd
I'm not sure, if this will help. I have found some note about passwordaging in my notes:
Setting Password restrictions w/o a trusted system , HP/UX, trusted system
Before the invention of trusted systems you could put a letter and number combination in your password file. Thi still works today. I managed to fin this in old HP
System Admin Student Workbook. At the end of the encrypted password you add ,char1char2 char1 is the maximum number of weeks the password is valid and
char2 is the minimum number of weeks that must pass before the password can be changed. The following is a good guide: Value # of weeks
. 0
/ 1
0-9 2-11
A-Z 12-37
a-z 38-63
so for example if you wanted a user to change their password somewhere between 11 and 2 weeks you would put ,A9. (man 4 passwd)
May be, this gives you some idea wher to look for the problem.
Bye
Ralf
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-31-2004 06:47 PM
05-31-2004 06:47 PM
Re: passwd: not allowed to run passwd
just like to confirm the permission of passwd:
# ll /usr/bin/passwd
-r-sr-xr-x 5 root bin
^
/|\
|
it should have SUID bit set.
regards.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-01-2004 12:42 AM
06-01-2004 12:42 AM
Re: passwd: not allowed to run passwd
In reply to Joseph Loo, I am trying to run the passwd command as root, but in any case it is suid root.
-r-sr-xr-x 1 root bin 86016 Mar 3 1997 /bin/passwd
I have attached my /tcb/files/auth/system/default file in case that has any bearing...
Just to clairify, this affects every account on the system, I chose sys for the example as it is a clean/simple entry.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-01-2004 03:36 AM
06-01-2004 03:36 AM
Re: passwd: not allowed to run passwd
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-01-2004 04:13 AM
06-01-2004 04:13 AM
Re: passwd: not allowed to run passwd
root@ecdev105:/# authck -p -v
finding all entries in the Protected Password database, in /tcb/files/auth
Checking format of files in Protected Password database /tcb/files/auth
finding all entries in the Protected Password database, in /tcb/files/auth
Format of all Protected Password entries OK
Checking Protected Password against getprpwent()
Checking Protected Password against /etc/passwd
Checking Protected Password fields against those in /etc/passwd
Checking internal consistency of Protected Password fields
root cannot have a password set on the account
daemon cannot have a password set on the account
bin cannot have a password set on the account
sys cannot have a password set on the account
adm cannot have a password set on the account
etc.
(If only it would say why...)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-01-2004 06:13 AM
06-01-2004 06:13 AM
Re: passwd: not allowed to run passwd
Three options:-
1. Check patch levels.
2. Turn off and then back on trusted mode.
3. Upgrade to ver 11 (10.20) is now not supported.
Did this ever work and if so what has changed?
Paula
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-01-2004 08:16 AM
06-01-2004 08:16 AM
Re: passwd: not allowed to run passwd
Can you post the contents of /tcb/files/auth/system/default? I believe this file might have gotten corrupted.
-Sri
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-01-2004 08:41 AM
06-01-2004 08:41 AM
Re: passwd: not allowed to run passwd
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-02-2004 12:56 AM
06-02-2004 12:56 AM
Re: passwd: not allowed to run passwd
Okay, I have the solution. It was, as supposed, the default file that was the problem, the entry u_pickpw was missing.
After converting to untrusted and back again, passwd started working, so I traced the problem back to the default file, and added in entries one at a time to the original until it worked.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-08-2004 02:46 AM
06-08-2004 02:46 AM
Re: passwd: not allowed to run passwd
Regards,
Chuck Davis
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-09-2005 02:04 AM
02-09-2005 02:04 AM
Re: passwd: not allowed to run passwd
I went back into the sam log and noticed the problem lied with the /var/spool/cron/crontabs/backup directory. I then untrusted the system, removed /var/spool/cron/crontabs/backup and then trusted the system with no errors.
I was fortunate to do this testing on a non-production server.
authck -p now returns no errors.