[Bug 536930] Re: Password changing fails when "krb5" pam-config is not first
Russ Allbery
rra at debian.org
Wed Mar 10 22:13:53 GMT 2010
"Daniel Richard G." <skunk at iskunk.org> writes:
> This concerns libpam-krb5 3.15-1 in Karmic.
Looks like Launchpad for some reason filed the bug against
kerberos-configs instead. I'll move it.
> If you use the "krb5" profile for pam-auth-update, password changing
> works correctly---unless another profile goes above it, and the
> "Password" clause is used instead of "Password-Initial". (I simulated
> this by bumping the priority down to 255, putting it immediately after
> the "unix" profile.) Then you get
> $ passwd
> passwd: Authentication information cannot be recovered
> passwd: password unchanged
> The problem is in passing "use_authtok" to pam_krb5. Comparatively,
> try_first_pass/use_first_pass/nothing at least allows the "Current
> Kerberos password:" prompt to come up.
This was fixed in 4.0-1. The fix would need to be backported to karmic.
--
Russ Allbery (rra at debian.org) <http://www.eyrie.org/~eagle/>
** Package changed: kerberos-configs (Ubuntu) => libpam-krb5 (Ubuntu)
** Changed in: libpam-krb5 (Ubuntu)
Status: New => Fix Committed
--
Password changing fails when "krb5" pam-config is not first
https://bugs.launchpad.net/bugs/536930
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to kerberos-configs in ubuntu.
More information about the Ubuntu-server-bugs
mailing list