[Novalug] Unable to change roots password

Shawn Wells swells@redhat.com
Fri Jun 20 11:01:36 EDT 2008


Oh sure, just blame SELinux.. ;)  If that were the case an audit event 
would be recorded in /var/log/messages or /var/log/audit/audit.log if 
you have that setup.

Generally though "passwd: Authentication failure" means you've mis-typed 
the passwords between the two prompts.

Your permissions on /etc/shadow are probably fine, else you'd get a 
message about "passwd: You may not view or modify password information 
for root."  Do you still get the error in single user mode?

Try a "strace -fo test_passwd_results passwd" then include the context 
of that file... would tell us more.




David A. Cafaro wrote:
> When you su to root, did you "su" or "su -".  Also if this is CentOS  
> box, version 4 or 5, is SELinux enabled and enforcing?
>
> If so try doing "setenfroce Permissive" and then try changing passwords.
>
> Just some ideas.
>
> -David
>
>
> On Jun 20, 2008, at 9:04 AM, Nick Danger wrote:
>
>   
>> Answering various questions in one email, Thanks everyone for the help
>> so far;
>>
>> Nothing in logs. messages, secure, nothing in dmsg. No errors/hints in
>> any log I can find.
>> No centralized ldap auth server, its a stand alone box. I can run  
>> passwd
>> on anyone as themselves, or root can change other users passwords just
>> not its own
>> I checked pam.d and they look the same across all servers. We
>> investigated centralized auth at one point but I don't think it ever  
>> got
>> beyond the talking stages.
>>
>> At last resort I am tempted to just cut the encrypted new PW from
>> another server and paste it into /etc/shadow. It just doesnt seem  
>> right
>> that it wont work correctly.....
>>
>> Nick
>>
>> Nick Danger wrote:
>>     
>>> I can connect to this server, and I can su to root (CentOS box) but
>>> oddly I cannot change roots password.
>>>
>>> [root@host ~]# passwd
>>> Changing password for user root.
>>> New UNIX password:
>>> Retype new UNIX password:
>>> passwd: Authentication failure
>>> [root@host ~]#
>>>
>>> Anyone ever seen that before?
>>>
>>> Nick
>>>
>>> _______________________________________________
>>> Novalug mailing list
>>> Novalug@calypso.tux.org
>>> http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
>>>
>>>       
>> _______________________________________________
>> Novalug mailing list
>> Novalug@calypso.tux.org
>> http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
>>     
>
> David A. Cafaro <dac@cafaro.net>
> Cafaro's Ramblings:  www.cafaro.net
>
>
>
> _______________________________________________
> Novalug mailing list
> Novalug@calypso.tux.org
> http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
>   





More information about the Novalug mailing list