Aaaaaahhhhh...
Okay, so I can now characterize the problem better, and how to
reproduce...
On a system using an encrypted private, `mount | grep Private` to check:
1) invoke passwd
2) enter the "correct" current password
3) enter an invalid new password (such as something too simple) 6 times
The system level password will *not* be changed, even though the
spurious password change is printed.
However, pam_ecryptfs will be invoked in error, which will rewrap the
encrypted passphrase.
This will cause the system login passphrase and the ecryptfs wrapping
passphrase to be out-of-sync. The user's ~/Private directory will not
be mounted.
Further, "proper" attempts to "fix" the eCryptfs wrapped-passphrase will
fail, because the wrapping passphrase and the system passphrase are not
the same.
The only way for the user to rectify this problem will be to:
1) set the system password properly using passwd successfully
2) run `ecryptfs_rewrap_passphrase [file] [old wrapping passphrase] [new
wrapping passphrase]`
:-Dustin
** Changed in: pam (Ubuntu)
Importance: High => Critical
Status: Confirmed => Triaged
--
passwd - passwords do not match but updated successfully
https://bugs.launchpad.net/bugs/272232
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
