You are not logged in.

Pages: 1

#1 2023-09-09 15:16:37

lenhuppe
Member
From: New Hampshire USA
Registered: 2018-12-10
Posts: 282
Website

SOLVED passwd command fails

The passwd command is giving me the following:

passwd: Authentication token manipulation error
passwd: password unchanged

I am able to get arround with this old trick:

echo 'user:pass' | chpasswd

first noticed a problem during a test run of my custom installer when the adduser command failed. My workaround was to set the root password and skip adding users. Upon first boot I am able to run adduser but the passwd command fails as shown above. Not sure how to proceed.

Last edited by lenhuppe (2023-09-10 22:56:59)

"I'm suspicious of people who don't like dogs, but I trust a dog when it doesn't like a person."  -- Bill Murray

Offline

#2 2023-09-09 16:05:33

seth
Member
Registered: 2012-09-03
Posts: 59,897

Re: SOLVED passwd command fails

pacman -Qikk shadow pambase

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#3 2023-09-09 16:31:57

lenhuppe
Member
From: New Hampshire USA
Registered: 2018-12-10
Posts: 282
Website

Re: SOLVED passwd command fails

seth wrote:
pacman -Qikk shadow pambase
pacman -Qikk shadow pambase
Name            : shadow
Version         : 4.13-2
Description     : Password and account management tool suite with support for shadow files and PAM
Architecture    : x86_64
URL             : https://github.com/shadow-maint/shadow
Licenses        : BSD
Groups          : None
Provides        : None
Depends On      : acl  libacl.so=1-64  attr  libattr.so=1-64  audit  libaudit.so=1-64  glibc  libxcrypt  libcrypt.so=2-64  pam  libpam.so=0-64  libpam_misc.so=0-64
Optional Deps   : None
Required By     : accountsservice  base  git  util-linux
Optional For    : None
Conflicts With  : None
Replaces        : None
Installed Size  : 3.85 MiB
Packager        : David Runge <dvzrv@archlinux.org>
Build Date      : Wed 25 Jan 2023 03:29:34 AM EST
Install Date    : Sat 12 Aug 2023 11:39:22 AM EDT
Install Reason  : Installed as a dependency for another package
Install Script  : No
Validated By    : Signature

warning: shadow: /etc/default/useradd (failed to calculate MD5 checksum)
warning: shadow: /etc/default/useradd (failed to calculate SHA256 checksum)
backup file: shadow: /etc/pam.d/passwd (Modification time mismatch)
backup file: shadow: /etc/pam.d/passwd (Size mismatch)
backup file: shadow: /etc/pam.d/passwd (MD5 checksum mismatch)
backup file: shadow: /etc/pam.d/passwd (SHA256 checksum mismatch)
shadow: 605 total files, 1 altered file

Name            : pambase
Version         : 20221020-1
Description     : Base PAM configuration for services
Architecture    : any
URL             : https://www.archlinux.org
Licenses        : GPL
Groups          : None
Provides        : None
Depends On      : None
Optional Deps   : None
Required By     : pam
Optional For    : None
Conflicts With  : None
Replaces        : None
Installed Size  : 2.65 KiB
Packager        : David Runge <dvzrv@archlinux.org>
Build Date      : Thu 20 Oct 2022 05:57:24 AM EDT
Install Date    : Sat 12 Aug 2023 11:39:22 AM EDT
Install Reason  : Installed as a dependency for another package
Install Script  : No
Validated By    : Signature

pambase: 8 total files, 0 altered files

Last edited by lenhuppe (2023-09-09 18:39:41)

"I'm suspicious of people who don't like dogs, but I trust a dog when it doesn't like a person."  -- Bill Murray

Offline

#4 2023-09-09 18:41:41

seth
Member
Registered: 2012-09-03
Posts: 59,897

Re: SOLVED passwd command fails

backup file: shadow: /etc/pam.d/passwd (Modification time mismatch)
backup file: shadow: /etc/pam.d/passwd (Size mismatch)
backup file: shadow: /etc/pam.d/passwd (MD5 checksum mismatch)
backup file: shadow: /etc/pam.d/passwd (SHA256 checksum mismatch)
shadow: 605 total files, 1 altered file

Well?

cat /etc/pam.d/passwd

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#5 2023-09-09 21:44:31

lenhuppe
Member
From: New Hampshire USA
Registered: 2018-12-10
Posts: 282
Website

Re: SOLVED passwd command fails

seth wrote:
cat /etc/pam.d/passwd

That was it for the passwd issue. I have been disabling null passwords by changing nullok to use_authtok, but that is now causing problems. By keeping the default settings passwd appears to work again. I have now corrected my code and I have the following default settings:

cat /etc/pam.d/passwd
#%PAM-1.0
password	required	pam_unix.so sha512 shadow nullok

Now I need to find out why useradd is failing when my installer runs in chroot.

Last edited by lenhuppe (2023-09-10 02:47:07)

"I'm suspicious of people who don't like dogs, but I trust a dog when it doesn't like a person."  -- Bill Murray

Offline

#6 2023-09-10 06:19:38

seth
Member
Registered: 2012-09-03
Posts: 59,897

Re: SOLVED passwd command fails

What was the previously stacked password module?

Now I need to find out why useradd is failing when my installer runs in chroot.

warning: shadow: /etc/default/useradd (failed to calculate MD5 checksum)
warning: shadow: /etc/default/useradd (failed to calculate SHA256 checksum)
sudo pacman -Qkk shadow

Also please don't paraphrase, https://bbs.archlinux.org/viewtopic.php?id=57855
*How* does it fail?

Edit: https://bbs.archlinux.org/viewtopic.php … 7#p2119857 ?

Last edited by seth (2023-09-10 11:00:25)

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#7 2023-09-10 22:50:09

lenhuppe
Member
From: New Hampshire USA
Registered: 2018-12-10
Posts: 282
Website

Re: SOLVED passwd command fails

seth wrote:

What was the previously stacked password module?

To the best of my knowledge /etc/pam.d/passwd used to be the following:

#%PAM-1.0
password	required	pam_unix.so sha512 shadow nullok
#password	required	pam_unix.so sha512 shadow use_authtok

I learned to disable null passwords using sed:

sed -i {
    /password.*nullok/s/^/#/
    /password.*use_authtok/s/^#//
} /etc/pam.d/passwd

At some point the default contents of the file changed, and the only line entry was getting commented out.
When the passwd command crashed I was not thinking about that file. I am no longer modifying the file.

seth wrote:
warning: shadow: /etc/default/useradd (failed to calculate MD5 checksum)
warning: shadow: /etc/default/useradd (failed to calculate SHA256 checksum)
sudo pacman -Qkk shadow

Now that the shadow package has been updated:

sudo pacman -Qkk shadow
[sudo] password for lenny: 
shadow: 605 total files, 0 altered files
seth wrote:

*How* does it fail?

My installer has a script that runs within a chroot from the booted ISO. When that script reached the useradd command it would error end exit.
I am using the trap command to try and capture some information but the error message was not showing at the console.

# error handling
set -Euo pipefail

# stubs
print() { tput setaf 2 ; echo -e "\n\t$1\n" ; tput sgr0 ; }
alert() { tput setaf 1 ; echo -e "\n\t$1\n" ; tput sgr0 ; }

# display error data and exit
trap '{ alert "${0##*/} line:$LINENO -> $BASH_COMMAND" ; exit ; }' err

There is probably a better & smarter way to capture error messages that I am not yet aware of.
My first attempt at a workaround was to run useradd at the console after booting for the first time and that worked.
I was planning to try and run useradd from the console within chroot but I did not have a chance.

The shadow package was updated to version 4.13-3 today and that has resolved the issue I had with useradd.

Last edited by lenhuppe (2023-09-11 10:52:49)

"I'm suspicious of people who don't like dogs, but I trust a dog when it doesn't like a person."  -- Bill Murray

Offline

Pages: 1

Board footer

Powered by FluxBB