RE: Blank password works for root

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> -----Original Message-----
> From: fedora-list-admin@xxxxxxxxxx
> Bevan C. Bennett wrote:
> Subject: Re: Blank password works for root
>
>
> Bill Beeman wrote:
> >
> > auth        required      /lib/security/$ISA/pam_env.so
> > auth        sufficient    /lib/security/$ISA/pam_unix.so
> likeauth nullok
> > auth        sufficient    /lib/security/$ISA/pam_smb_auth.so
> > use_first_pass nolocal
> > auth        required      /lib/security/$ISA/pam_deny.so
> >
> > account     required      /lib/security/$ISA/pam_unix.so
> >
> > password    required      /lib/security/$ISA/pam_cracklib.so retry=3
> > type=
> > password    sufficient    /lib/security/$ISA/pam_unix.so nullok
> > use_authtok shadow
> > password    required      /lib/security/$ISA/pam_deny.so
> >
> > session     required      /lib/security/$ISA/pam_limits.so
> > session     required      /lib/security/$ISA/pam_unix.so
> >
> > and the (obfuscated) root entry from /etc/shadow:
> > root:xxxxxxxxxxx:12426:0:99999:7:::
> >
> > Hope this helps..
>
> Yeah! Now we're getting somewhere...
> Here's some things to try:
>
> * Make double sure that root's /etc/passwd entry has '*' for the
> password field.
>
What actually shows is "x" in the password field..consistently (all
entries)

> * try resetting root's password by running 'passwd' and
> re-entering it.
>
Done...no change.]

> * find out where pam_smb_auth comes from, with perhaps
> "rpm -qf /lib/security/pam_smb_auth.so". I don't see that
> module in the
> Fedora Core samba RPMs...
>
> samba-3.0.0-15 has /lib/security/pam_smbpass.so
> samba-common-3.0.0-15 has /lib/security/pam_winbind.so
>
Comes from pam_smb-1.1.7-2

> * What changes if you remove the pam_smb_auth line? Do you still have
> null access? Do you still have access using the password?
>
Commenting out the pam_smb_auth line fixes the immediate problem.  No
null access, and can log in with the root password.  So perhaps
somewhere in the Samba system?  I'm a relative newbie here and don't
quite know where to look next.  The offending machine is an upgrade from
RH9.  The samba server is still an RH9 box, and is running Samba 2.2.8a.

I really appreciate the help.

Bill
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux