passwd - permission denied

earthpig · 2009-10-18 22:12:08

hi,

when running passwd as root, as a regular user, or with sudo i get the following error regardless of which user's password i try to change:

[chris: ~]$ sudo passwd chris
passwd: Permission denied
passwd: password unchanged
[chris: ~]$ sudo su
[root@chris-desktop chris]# passwd chris
passwd: Permission denied
passwd: password unchanged
[root@chris-desktop chris]# passwd karen
passwd: Permission denied
passwd: password unchanged
[root@chris-desktop chris]#

anyone have any ideas?

i can use usermod to completely remove any password of a given user, but not set one.

i have tried locking, unlocking, etc, passwords for various users, to no avail.

relevant line of sudoers:

# User privilege specification
root    ALL=(ALL) ALL
chris   ALL=(ALL) ALL

sudo seems to work fine with everything else...

Last edited by earthpig (2009-10-18 22:17:04)

Ramses de Norre · 2009-10-18 22:17:19

Hmm, just the first thing that pops in my head: did you look at the permissions on /etc/passwd and /etc/shadow ?

earthpig · 2009-10-18 22:32:53

[chris: /etc]$ ls -l passwd
-rw-r--r-- 1 root root 572 2009-10-18 15:29 passwd
[chris: /etc]$ ls -l shadow
-rw------- 1 root root 364 2009-10-18 15:22 shadow
[chris: /etc]$

i disabled gdm and tried loggin in as root, problem persists. root cannot change the password of root....

Acecero · 2009-10-18 23:21:54

earthpig wrote:

[chris: /etc]$ ls -l passwd
-rw-r--r-- 1 root root 572 2009-10-18 15:29 passwd
[chris: /etc]$ ls -l shadow
-rw------- 1 root root 364 2009-10-18 15:22 shadow
[chris: /etc]$
i disabled gdm and tried loggin in as root, problem persists. root cannot change the password of root....

Would it be possible that the user root is not part of the group root in your /etc/group file?

earthpig · 2009-10-18 23:35:06

thanks for the suggestion!

[chris: /etc]$ cat group | grep root
root::0:root
bin::1:root,bin,daemon
daemon::2:root,bin,daemon
sys::3:root,bin
adm::4:root,daemon
disk::6:root
wheel::10:root,chris
log::19:root
[chris: /etc]$

Last edited by earthpig (2009-10-18 23:36:10)

Mardoct · 2009-10-19 01:20:12

Don't use sudo for that, or log off of Chris.

Last edited by Mardoct (2009-10-19 01:21:15)

earthpig · 2009-10-19 01:36:01

i appreciate the suggestion, but i already tried that:

i disabled gdm and tried logging in as root, problem persists. root cannot change the password of root....

Last edited by earthpig (2009-10-19 01:40:52)

loafer · 2009-10-19 05:57:44

Does "pwck" or "grpck" report anything unusual?

If they do fix the errors then run "pwconv".

Last edited by loafer (2009-10-19 05:59:09)

earthpig · 2009-10-19 06:14:05

thx loafer.

grpck:

group adm has an entry in /etc/gshadow, but its password field in /etc/group is not set to 'x'

that makes sense for most groups, but it also reports that for root:

group root has an entry in /etc/gshadow, but its password field in /etc/group is not set to 'x'

is that normal?

pwck:

[chris: ~]$ sudo pwck -q

returns nothing, with or without the -q.

Last edited by earthpig (2009-10-19 06:14:26)

loafer · 2009-10-19 07:33:29

The groups error is a known bug and you can fix it by manually editing the file to add the missing x. I'm not sure if it's the source of your problem. pwck output is empty because it didn't find any errors.

Last edited by loafer (2009-10-19 07:34:48)

earthpig · 2009-10-19 08:20:56

i went ahead and installed gnome which comes with users-admin.

using that, i am able to make new users and change their passwords without a hitch.

...but i am still experiencing the same error when using passwd.

lldmer · 2009-10-19 19:06:01

Did you maybe somehow lose the setuid bit on /usr/bin/passwd? I believe it is required (at least it's on by default). You can check with ls -l, the permissions should say rws (with a s for setuid) for root (owner of the file):

-rwsr-xr-x 1 root root 25016 2009-08-01 12:23 /usr/bin/passwd

g1smo · 2010-01-22 15:54:15

This thread is old but for the sake of others with the problem that might stumble upon this page (as I did), this is the solution I have figured out:
My /etc/pam.d/passwd used to look like

#%PAM-1.0
#password       required        pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
#password       required        pam_unix.so md5 shadow use_authtok
#password        required        pam_unix.so md5 shadow nullok
password        optional        pam_gnome_keyring.so

And uncommenting the "pam_unix.so md5 shadow nullok" fixed my passwd problem.
Hope it helps someone!

Arch Linux

#1 2009-10-18 22:12:08

passwd - permission denied

#2 2009-10-18 22:17:19

Re: passwd - permission denied

#3 2009-10-18 22:32:53

Re: passwd - permission denied

#4 2009-10-18 23:21:54

Re: passwd - permission denied

#5 2009-10-18 23:35:06

Re: passwd - permission denied

#6 2009-10-19 01:20:12

Re: passwd - permission denied

#7 2009-10-19 01:36:01

Re: passwd - permission denied

#8 2009-10-19 05:57:44

Re: passwd - permission denied

#9 2009-10-19 06:14:05

Re: passwd - permission denied

#10 2009-10-19 07:33:29

Re: passwd - permission denied

#11 2009-10-19 08:20:56

Re: passwd - permission denied

#12 2009-10-19 19:06:01

Re: passwd - permission denied

#13 2010-01-22 15:54:15

Re: passwd - permission denied

Board footer