bin/74929: DES/BLF login.conf classes not working with passwd
Mahlon E. Smith
mahlon-dated-1110480323.6ec148 at martini.nu
Fri Dec 10 13:00:48 PST 2004
>Number: 74929
>Category: bin
>Synopsis: DES/BLF login.conf classes not working with passwd
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Dec 10 21:00:45 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Mahlon E. Smith
>Release: FreeBSD 5.3-STABLE i386
>Organization:
Spime Solutions Group (www.spime.net)
>Environment:
n/a
>Description:
In any 5.x release, passwd ignores the passwd_format class key in
login.conf, and always generates a MD5 password.
>How-To-Repeat:
- enable des_users class in login.conf (for DES crypt passwords)
- run cap_mkdb /etc/login.conf
- edit the class field of the user(s) with vipw, changing their
login class to des_users.
mahlon:REMOVED:1001:1000:des_users:0:0:Mahlon E. Smith:/home/mahlon:/bin/tcsh
- change the password with passwd.
- check the master.passwd file. Password is MD5. ($1$...)
>Fix:
Because this works perfectly under 4.x, I'm assuming it's an issue
with the new PAM compatibility with passwd under 5.x.
To workaround for now, don't use passwd, instead use:
% pw usermod [username] -h 0
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list