Date: 7 Mar 2001 10:30:03 -0000 From: venglin@freebsd.lublin.pl To: FreeBSD-gnats-submit@freebsd.org Subject: bin/25586: Password expiration doesn't work after upgrade of system Message-ID: <20010307103003.3754.qmail@riget.scene.pl>
next in thread | raw e-mail | index | archive | help
>Number: 25586 >Category: bin >Synopsis: Password expiration doesn't work after upgrade of system >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Mar 07 02:40:01 PST 2001 >Closed-Date: >Last-Modified: >Originator: Przemyslaw Frasunek >Release: FreeBSD 4.2-STABLE i386 >Organization: ISMEDIA >Environment: FreeBSD 4.2-STABLE as of 22 Feb 2001. On 4.2-STABLE as of 25 Dec 2000 everything was ok. /etc/login.conf: standard:\ :passwordperiod=90d:\ :autodelete=6w:\ :passwordtime=4w:\ :warnpassword=1w:\ :tc=default: OpenSSH version: SSH Version OpenSSH_2.3.0, protocol versions 1.5/2.0. Compiled with SSL (0x0090600f). /etc/pam.conf: # OpenSSH with PAM support requires similar modules. The session one is # a bit strange, though... sshd auth sufficient pam_skey.so #sshd auth sufficient pam_kerberosIV.so try_first_pass sshd auth required pam_unix.so try_first_pass sshd session required pam_permit.so >Description: If password is expired, sshd enters in infinite loop flooding syslog with such messages and eating all CPU time. Mar 7 11:25:31 yeti sshd[43628]: PAM pam_chauthtok failed[6]: Permission denied Mar 7 11:25:31 yeti sshd[43628]: no modules loaded for `sshd' service The normal behaviour was to spawn passwd and allow user to change the password. >How-To-Repeat: Turn on password expiration, login on account with expired password. >Fix: Unknown. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010307103003.3754.qmail>