HPE Community
Operating System - Linux
1827872 Members
1545 Online
109969 Solutions
New Discussion

Re: unable to change passwd on linux

 
Anh-Thu Tran
Frequent Advisor

‎01-30-2006 08:53 AM

‎01-30-2006 08:53 AM

unable to change passwd on linux

My user tried to change passwd on linux box and did not get any errors:
==>passwd
Changing password for user lehanh.
Changing password for lehanh
(current) UNIX password:
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
However, the new passwd did not get changed. He still has to use the old passwd to login. Any ideas?
0 Kudos
Reply
13 REPLIES 13
Steven E. Protter
Exalted Contributor

‎01-30-2006 10:48 AM

‎01-30-2006 10:48 AM

Re: unable to change passwd on linux

Shalom Anh,

Several ideas:

1) The server uses NIS or LDAP and the actual password is changed elsewhere. This situation would also imply a loss of NIS/LDAP communication and would be evident in /var/log/messages

2) There is a space problem on the root filesystem.

3) There is a permissions problem or the /etc/shadow file is locked in some way.

In any chase check the time/date stamp on /etc/passwd and /etc/shadow and make sure the root filesystem is not too close to capacity.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Ivan Ferreira
Honored Contributor

‎01-30-2006 11:30 PM

‎01-30-2006 11:30 PM

Re: unable to change passwd on linux

I agree, there should be a problem with the configuration of the pam service. You should be using a directory service.

Ensure that you configured correctly the pam files and nsswitch.conf to use the directory service for user authentication.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
Anh-Thu Tran
Frequent Advisor

‎01-31-2006 12:53 AM

‎01-31-2006 12:53 AM

Re: unable to change passwd on linux

Hi,
Thank you for your reply, but I would like to clarify my problem. Actually, my user would like to change his passwd on NIS client (linux box). As testing, I (root) switched to his id and successfully changed his passwd with passwd command. However, later the user could not change his passwd and got the error:
passwd: Failed preliminary check by password service

Now I don't know what wrong. Is it related to passwd aging that does not allow you to change the passwd too soon?
0 Kudos
Reply
Ivan Ferreira
Honored Contributor

‎01-31-2006 01:10 AM

‎01-31-2006 01:10 AM

Re: unable to change passwd on linux

Do you have any extra information in /var/log/messages or /var/log/secure?
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
Anh-Thu Tran
Frequent Advisor

‎01-31-2006 01:19 AM

‎01-31-2006 01:19 AM

Re: unable to change passwd on linux

No, I could not find anything specific there. Do you expect what I should got on those files?
0 Kudos
Reply
Ivan Ferreira
Honored Contributor

‎01-31-2006 02:20 AM

‎01-31-2006 02:20 AM

Re: unable to change passwd on linux

If you su again to the user, can you change the password (again)? It could be that when you run the passwd, for some reason the system still think that you are root, and root can bypass complexity check for the password.

When you try as the user, try selecting a complex password, like:

C*mplexP@ssw*rd (ComplexPassword)

Also try with yppasswd instead of passwd.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
Anh-Thu Tran
Frequent Advisor

‎01-31-2006 02:35 AM

‎01-31-2006 02:35 AM

Re: unable to change passwd on linux

The weird thing is after I reset the user passwd on NIS master, the user is able to change his passwd on NIS client with passwd command, but failed for the second time with the error message on the previous note. That's why I guess the passwd needs to be aged to change.
0 Kudos
Reply
Ivan Ferreira
Honored Contributor

‎01-31-2006 02:59 AM

‎01-31-2006 02:59 AM

Re: unable to change passwd on linux

It could be, I never saw password aging with NIS, but post the ouput of the command:

chage username

To check the password aging options.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
Anh-Thu Tran
Frequent Advisor

‎01-31-2006 04:00 AM

‎01-31-2006 04:00 AM

Re: unable to change passwd on linux

You're right. There is no expire for passwd, so I don't know what's wrong.
0 Kudos
Reply
Bill Thorsteinson
Honored Contributor

‎01-31-2006 04:10 AM

‎01-31-2006 04:10 AM

Re: unable to change passwd on linux

What is the pam stack for passwd?
Are you using pam_unix2 or pam_unix, and
another module to update NIS?

Look at the nss switch configuration.
Normal users need to be able to read
the nss configuration files or things may
break.
0 Kudos
Reply
Anh-Thu Tran
Frequent Advisor

‎01-31-2006 04:32 AM

‎01-31-2006 04:32 AM

Re: unable to change passwd on linux

On my /etc/pam.d/passwd, it shows:
password required pam_stack.so service=system-auth

Look like we are using pam_unix, not pam_unix2 on /etc/pam.d/system-auth:
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow nis

All entries on /etc/nsswitch.conf has nis, except those:
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files

Should I add nis to them? I am not sure how to check about other modules you asked for. Thanks.
0 Kudos
Reply
George Liu_4
Trusted Contributor

‎02-09-2006 08:45 AM

‎02-09-2006 08:45 AM

Re: unable to change passwd on linux

To change an NIS passwd, use
yppasswd
not
passwd
Also, The yp* package have bugs in some RHEL versions.
0 Kudos
Reply
Anh-Thu Tran
Frequent Advisor

‎02-10-2006 08:04 AM

‎02-10-2006 08:04 AM

Re: unable to change passwd on linux

Thank you for your reply, but even with yppasswd we still have problem. 1. Root can not change the user passwd with yppasswd command, only the user can do it . 2. If use yppasswd command to change root passwd on NIS client, it will change the root passwd on NIS server machine also. I tried to use passwd command to change root passwd only on NIS client machine, but failed. I thought passwd use to change local id (root) and yppasswd will change the NIS ids, but look like it doesn't work that way.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.