On Sun, Aug 24, 2008 at 02:41:37PM -0700, Steve Langasek wrote: > severity 496457 normal > tags 496457 unreproducible moreinfo > thanks > > On Sun, Aug 24, 2008 at 02:13:53PM -0700, Steve Lane wrote: > > Justification: breaks unrelated software > > False. Software that invokes PAM is not "unrelated".
Sorry, I guess I wasn't clear. The software that breaks is the entire machine, since once the screen is locked the (non-admin) user has no recourse except to (A) find an admin to kill kdesktop_lock, or (B) powercycle the machine. > > Aug 24 13:22:23 aspen unix_chkpwd[3472]: check pass; user unknown > > Aug 24 13:22:23 aspen unix_chkpwd[3472]: password check failed for user > > (iamsteve) > > Please report the permissions from /etc/shadow and /sbin/unix_chkpwd. I > suspect you have wrong perms on /etc/shadow. [EMAIL PROTECTED]> ls -l /etc/shadow /sbin/unix_chkpwd 16 -r-------- 1 root root 14020 Aug 24 14:53 /etc/shadow 28 -rwxr-sr-x 1 root shadow 26372 Aug 20 12:24 /sbin/unix_chkpwd* Note that we have 13 workstations with this identical config, all but two of which have been patched in the last two days. All of the ones which have been patched are broken in this way; the two that have not been patched are not. I am thus wondering if something changed with the last libpam patch..? Please be aware that this bug has been cross-posted to bugs #496455 and #496456 as well as this one (#496457). Thanks much, -- Steve Lane System, Network and Security Administrator Doudna Lab Biomolecular Structure and Mechanism Group UC Berkeley -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
