Configuring shadow (using PAM)
Larry
larry at linuxfromscratch.org
Sat Dec 14 10:08:05 MST 2002
On Sat, Dec 14, 2002 at 04:45:13PM +0100, Fernando Arbeiza wrote:
> Hi:
>
> I have followed the BLFS book instructions about Shadow and Linux-PAM.
> After having installed and configured it, I tried to change the root's
> password. Then, passwd complains:
>
> passwd: Authentication information cannot be recovered
>
> Well, that's my problem but, after reading some information, I think I
> have found the reason.
>
> In the 'Configuring shadow' section of the book, the file
> /etc/pam.d/passwd reads:
>
> cat > /etc/pam.d/other << "EOF"
> # Begin /etc/pam.d/passwd
>
> password required pam_unix.so md5 shadow use_authtok
>
> # End /etc/pam.d/passwd
> EOF
>
> I have read the man pages about Linux-PAM and the module pam_unix.so
> about the use_authok argument, and I think it is used to:
>
> force this module to set the new password to the one provided by the
> previously stacked password module
>
> Since there is no previous module, I think the use_authtok is
> superfluous. When I run 'passwd' after removing that argument, it seems
> to work OK.
>
> Am I right or am I misinterpreting it?
>
> Thanks in advance.
>
> --
> Fernando Arbeiza
> arbeizaf [arroba(at)] ono [punto(dot)] com
> LFS en castellano: <URL:http://www.escomposlinux.org/lfs-es>
> --
Thanks for the info and sorry for the inconvenience. That setting came
from a hint and seemed reasonable, but I will look into it. There are so
few PAM users that I don't believe anything in this catagory is tested
enough to prevent mistakes in PAM. I just wish the punishment was more
like an inconvience and less like a potential disaster.
Larry
--
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe blfs-support' in the subject header of the message
More information about the blfs-support
mailing list