bin/67142: rpc.yppasswdd incorrectly throws errors about invalid shells with -s

Russell Cloran russell at rucus.ru.ac.za
Mon May 24 15:20:35 PDT 2004


>Number:         67142
>Category:       bin
>Synopsis:       rpc.yppasswdd incorrectly throws errors about invalid shells with -s
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon May 24 15:20:16 PDT 2004
>Closed-Date:
>Last-Modified:
>Originator:     Russell Cloran
>Release:        FreeBSD 5.1-RELEASE-p13 i386
>Organization:
RUCUS
>Environment:
System: FreeBSD shell.rucus.ru.ac.za 5.1-RELEASE-p13 FreeBSD 5.1-RELEASE-p13 #3: Thu Feb 5 21:18:42 SAST 2004 drs at shell.rucus.ru.ac.za:/usr/obj/usr/src/sys/SHELL i386

This problem still exists on FreeBSD 5.2-CURRENT, as far as I can see.
Although I have not looked at the code, I believe that this problem did not
(does not) exist in FreeBSD 4.X (ICBW).

>Description:
rpc.yppasswdd has an option to not allow shell changes (-s), but it is
always passed a shell by the remote yppasswd. If an NIS client overrides the
shell provided by the ypserv, then yppasswd (pam_unix, actually, afaict)
will pass this new shell to the yppasswdd. If this shell has been set on the
client to a shell which is invalid on the server, a user will never be able
to change their password on the client.

It seems that the following thread on freebsd-questions is evidence of this problem:

http://www.freebsd.org/cgi/getmsg.cgi?fetch=1145286+1148268+/usr/local/www/db/text/2004/freebsd-questions/20040425.freebsd-questions

>How-To-Repeat:
With a client passwd file containing something like

+:*:::::/sbin/nologin

and "/sbin/nologin" not in the server's /etc/shells, an attempt to use
passwd(1) causes the following error, as shown in the system logs:

May 24 14:53:39 shell rpc.yppasswdd[62598]: /sbin/nologin is not a valid shell
May 24 14:53:39 shell rpc.yppasswdd[62598]: rejecting change attempt: bad arguments
May 24 14:53:39 shell rpc.yppasswdd[62598]: client address: 10.0.0.2 username: russell

On the NIS client side, the error output might look something like this:

passwd: pam_chauthtok(): error in service module

and something like the following appears in the syslog:

May 25 00:05:19 server passwd: in pam_sm_chauthtok(): yppasswd_remote(): NIS password update failed: shell.rucus.ru.ac.za: RPC: Server can't decode arguments 

("server" is our NIS client)
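To make the failure mode concrete, here is an added illustration (not the daemon's code, not from the PR author) of the shell-validation decision that rpc.yppasswdd makes on a change request, and of the semantics -s is meant to have: when shell changes are disabled, the client-supplied shell is discarded and the existing shell is kept, so there is nothing to validate. The allow-list standing in for the server's /etc/shells, the `pw_change` struct, and the names `ok_shell`/`validchars`/`validate_shell_change` are constructed for this example; that the real daemon keeps the old shell under -s is an assumption stated here, not something the PR shows.

```c
#include <stdio.h>
#include <string.h>

/* Constructed allow-list standing in for the server's /etc/shells. */
static const char *allowed_shells[] = { "/bin/sh", "/bin/csh", "/usr/local/bin/bash", NULL };

/* Model of the fields a change request carries (constructed for this example). */
struct pw_change {
    const char *name;
    const char *old_shell;   /* shell currently stored in the server's map */
    const char *new_shell;   /* shell sent along by the client's yppasswd */
};

/* Accept only shells found in the allow-list (role of ok_shell in the PR). */
static int ok_shell(const char *shell)
{
    for (const char **p = allowed_shells; *p; p++)
        if (strcmp(*p, shell) == 0)
            return 1;
    return 0;
}

/* Return nonzero if the string holds characters that must not appear in a
 * passwd field: a colon (field separator), newline, or control characters. */
static int validchars(const char *s)
{
    for (; *s; s++) {
        unsigned char c = (unsigned char)*s;
        if (c == ':' || c == '\n' || c < 0x20 || c == 0x7f)
            return 1;
    }
    return 0;
}

/* Decide whether the request is acceptable and which shell ends up in the map.
 * no_chsh models the -s flag. Returns 0 on accept (and sets *result_shell),
 * 1 on reject. */
int validate_shell_change(const struct pw_change *req, int no_chsh,
                          const char **result_shell)
{
    if (no_chsh) {
        /* Assumption: with -s the client-supplied shell is ignored entirely,
         * so the existing shell is kept and the checks below are not needed. */
        *result_shell = req->old_shell;
        return 0;
    }
    if (!ok_shell(req->new_shell)) {
        fprintf(stderr, "%s is not a valid shell\n", req->new_shell);
        return 1;
    }
    if (validchars(req->new_shell)) {
        fprintf(stderr, "specified shell contains invalid characters\n");
        return 1;
    }
    *result_shell = req->new_shell;
    return 0;
}

int main(void)
{
    /* Constructed request mirroring the PR: client overrides the shell with
     * /sbin/nologin, which is not in the server's allow-list. */
    struct pw_change req = { "russell", "/bin/sh", "/sbin/nologin" };
    const char *shell = NULL;

    printf("without -s: %s\n", validate_shell_change(&req, 0, &shell) ? "rejected" : "accepted");
    printf("with -s:    %s (shell kept: %s)\n",
           validate_shell_change(&req, 1, &shell) ? "rejected" : "accepted", shell);
    return 0;
}
```

Without -s the request is rejected exactly as in the server log above; with -s it is accepted and the map keeps the existing shell, which is the behaviour the PR's patch aims for by skipping the two checks.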

>Fix:

The following patch causes invalid shells not to be rejected if the shell is
not going to be changed anyway:

--- yppasswdd_server.c.orig	Sun Jun 15 23:24:45 2003
+++ yppasswdd_server.c	Mon May 24 23:42:47 2004
@@ -196,12 +196,12 @@
 	 * Don't allow the user to shoot himself in the foot,
 	 * even on purpose.
 	 */
-	if (!ok_shell(npw->pw_shell)) {
+	if (!no_chsh && !ok_shell(npw->pw_shell)) {
 		yp_error("%s is not a valid shell", npw->pw_shell);
 		return(1);
 	}
 
-	if (validchars(npw->pw_shell)) {
+	if (!no_chsh && validchars(npw->pw_shell)) {
 		yp_error("specified shell contains invalid characters");
 		return(1);
 	}
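Review bot: skipping both shell checks when no_chsh is set is only safe if the update path that follows never copies npw->pw_shell into the map in that mode; the hunk does not show that path, so please confirm that with -s the existing shell is retained and the client-supplied string is dropped before the entry is written, otherwise an unvalidated value (the "invalid characters" case in particular) would reach the passwd map. A one-line comment above the first condition, e.g. `/* With -s the client's shell is discarded, so it need not be valid. */`, would document why the checks are bypassed.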


>Release-Note:
>Audit-Trail:
>Unformatted:
