FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 07-06-2008, 05:30 PM
Joseph Neal
 
Default login problem (password corruption? pam?)

Hello all.

Logins keep going bad on me. Repeatedly.

I first noticed the problem yesterday after updating sid. First sudo failed
to accept my password. I logged out of KDE and was not able to log back in.

Let's call my normal login that I've been using the past couple years login1.

After this happened I switched to a console where I was successfully able to
log in as root. I tried using usermod to reset the password for user1 but
was still unable to login. I can su to user1 from root, however. I created
a new user, user2, which I was able to use to successfully log in. After
adding user2 to sudoers I was able to use kuser to change the password for
user1 and log back in to my normal account. All was fine and dandy until a
few hours later the same thing started happening again. This time I was
unable to log in as user1 or user2 so I was forced to create a user3 and
again use kuser to set a new password for user1.

This time I'm not logging out until I figure out what's going on.

Any guess as to what's going on?

Any idea why kuser lets me successfully reset the password and not usermod?

Here's how all this looked to auth.log:

Jul 6 07:55:33 dsl017-124-002 kdm: :0[4670]: pam_unix(kdm:auth):
authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= user
=joe
Jul 6 07:55:51 dsl017-124-002 kdm: :0[4670]: pam_unix(kdm:auth):
authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= user
=joseph
Jul 6 07:56:22 dsl017-124-002 login[4702]: pam_unix(login:auth):
authentication failure; logname=LOGIN uid=0 euid=0 tty=tty4 ruser= rhost
= user=joe
Jul 6 07:56:24 dsl017-124-002 login[4702]: FAILED LOGIN (1) on 'tty4' FOR
`joe', Authentication failure
Jul 6 07:56:29 dsl017-124-002 login[4702]: pam_unix(login:session): session
opened for user root by LOGIN(uid=0)
Jul 6 07:56:29 dsl017-124-002 login[4761]: ROOT LOGIN on 'tty4'
Jul 6 07:59:48 dsl017-124-002 usermod[8030]: change user `joe' password
Jul 6 07:59:59 dsl017-124-002 login[4700]: pam_unix(login:auth):
authentication failure; logname=LOGIN uid=0 euid=0 tty=tty3 ruser= rhost
= user=joe
Jul 6 08:00:01 dsl017-124-002 login[4700]: FAILED LOGIN (1) on 'tty3' FOR
`joe', Authentication failure
Jul 6 08:00:40 dsl017-124-002 su[8035]: Successful su for joe by root
Jul 6 08:00:40 dsl017-124-002 su[8035]: + tty4 root:joe


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 07-07-2008, 01:54 AM
Raj Kiran Grandhi
 
Default login problem (password corruption? pam?)

Joseph Neal wrote:

Hello all.

Logins keep going bad on me. Repeatedly.

I first noticed the problem yesterday after updating sid. First sudo failed
to accept my password. I logged out of KDE and was not able to log back in.


Let's call my normal login that I've been using the past couple years login1.

After this happened I switched to a console where I was successfully able to
log in as root. I tried using usermod to reset the password for user1 but
was still unable to login. I can su to user1 from root, however. I created
a new user, user2, which I was able to use to successfully log in. After
adding user2 to sudoers I was able to use kuser to change the password for
user1 and log back in to my normal account. All was fine and dandy until a
few hours later the same thing started happening again. This time I was
unable to log in as user1 or user2 so I was forced to create a user3 and
again use kuser to set a new password for user1.


This time I'm not logging out until I figure out what's going on.

Any guess as to what's going on?

Any idea why kuser lets me successfully reset the password and not usermod?


By reset, do you mean setting a null password? For that you can just use
"passwd -d <username>"


Did you check the /etc/passwd and /etc/shadow files to see whether the
usernames are disabled?


I suggest doing the following:

Create a new user4. Login from the console as user4 and make a backup of
your /etc/passwd and /etc/shadow files. Wait till the system refuses to
let you in, and then compare the files with your backed up versions to
see if something suspicious is going on.





Here's how all this looked to auth.log:

Jul 6 07:55:33 dsl017-124-002 kdm: :0[4670]: pam_unix(kdm:auth):
authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= user

=joe
Jul 6 07:55:51 dsl017-124-002 kdm: :0[4670]: pam_unix(kdm:auth):
authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= user

=joseph
Jul 6 07:56:22 dsl017-124-002 login[4702]: pam_unix(login:auth):
authentication failure; logname=LOGIN uid=0 euid=0 tty=tty4 ruser= rhost

= user=joe
Jul 6 07:56:24 dsl017-124-002 login[4702]: FAILED LOGIN (1) on 'tty4' FOR
`joe', Authentication failure
Jul 6 07:56:29 dsl017-124-002 login[4702]: pam_unix(login:session): session
opened for user root by LOGIN(uid=0)

Jul 6 07:56:29 dsl017-124-002 login[4761]: ROOT LOGIN on 'tty4'
Jul 6 07:59:48 dsl017-124-002 usermod[8030]: change user `joe' password
Jul 6 07:59:59 dsl017-124-002 login[4700]: pam_unix(login:auth):
authentication failure; logname=LOGIN uid=0 euid=0 tty=tty3 ruser= rhost

= user=joe
Jul 6 08:00:01 dsl017-124-002 login[4700]: FAILED LOGIN (1) on 'tty3' FOR
`joe', Authentication failure

Jul 6 08:00:40 dsl017-124-002 su[8035]: Successful su for joe by root
Jul 6 08:00:40 dsl017-124-002 su[8035]: + tty4 root:joe




--

If you can't explain it simply, you don't understand it well enough.
-- Albert Einstein


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 02:39 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org