[Novalug] Unable to change roots password
Shawn Wells
swells@redhat.com
Fri Jun 20 11:01:36 EDT 2008
Oh sure, just blame SELinux.. ;) If that were the case an audit event
would be recorded in /var/log/messages or /var/log/audit/audit.log if
you have that setup.
Generally though "passwd: Authentication failure" means you've mis-typed
the passwords between the two prompts.
Your permissions on /etc/shadow are probably fine, else you'd get a
message about "passwd: You may not view or modify password information
for root." Do you still get the error in single user mode?
Try a "strace -fo test_passwd_results passwd" then include the context
of that file... would tell us more.
David A. Cafaro wrote:
> When you su to root, did you "su" or "su -". Also if this is CentOS
> box, version 4 or 5, is SELinux enabled and enforcing?
>
> If so try doing "setenfroce Permissive" and then try changing passwords.
>
> Just some ideas.
>
> -David
>
>
> On Jun 20, 2008, at 9:04 AM, Nick Danger wrote:
>
>
>> Answering various questions in one email, Thanks everyone for the help
>> so far;
>>
>> Nothing in logs. messages, secure, nothing in dmsg. No errors/hints in
>> any log I can find.
>> No centralized ldap auth server, its a stand alone box. I can run
>> passwd
>> on anyone as themselves, or root can change other users passwords just
>> not its own
>> I checked pam.d and they look the same across all servers. We
>> investigated centralized auth at one point but I don't think it ever
>> got
>> beyond the talking stages.
>>
>> At last resort I am tempted to just cut the encrypted new PW from
>> another server and paste it into /etc/shadow. It just doesnt seem
>> right
>> that it wont work correctly.....
>>
>> Nick
>>
>> Nick Danger wrote:
>>
>>> I can connect to this server, and I can su to root (CentOS box) but
>>> oddly I cannot change roots password.
>>>
>>> [root@host ~]# passwd
>>> Changing password for user root.
>>> New UNIX password:
>>> Retype new UNIX password:
>>> passwd: Authentication failure
>>> [root@host ~]#
>>>
>>> Anyone ever seen that before?
>>>
>>> Nick
>>>
>>> _______________________________________________
>>> Novalug mailing list
>>> Novalug@calypso.tux.org
>>> http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
>>>
>>>
>> _______________________________________________
>> Novalug mailing list
>> Novalug@calypso.tux.org
>> http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
>>
>
> David A. Cafaro <dac@cafaro.net>
> Cafaro's Ramblings: www.cafaro.net
>
>
>
> _______________________________________________
> Novalug mailing list
> Novalug@calypso.tux.org
> http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
>
More information about the Novalug
mailing list