Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1078840
Description of problem: Error message is seen during password change. Although the change is successful. Version-Release number of selected component (if applicable): 1.11.2-60.el7 How reproducible: Always Steps to Reproduce: 1. # ssh -l aduser1@sssdad.com localhost aduser1@sssdad.com@localhost's password: Password expired. Change your password now. Last login: Thu Mar 20 17:10:18 2014 from localhost WARNING: Your password has expired. You must change your password now and login again! Changing password for user aduser1@sssdad.com. Current Password: New password: Retype new password: passwd: Authentication token manipulation error Connection to localhost closed. 2. Now, try to login with the changed password. # ssh -l aduser1@sssdad.com localhost aduser1@sssdad.com@localhost's password: Last login: Thu Mar 20 17:10:55 2014 from localhost 3. /varlog/secure shows: Mar 20 17:10:54 dhcp207-186 sshd[11363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=localhost user=aduser1@sssdad.com Mar 20 17:10:54 dhcp207-186 sshd[11363]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=localhost user=aduser1@sssdad.com Mar 20 17:10:54 dhcp207-186 sshd[11363]: pam_sss(sshd:auth): received for user aduser1@sssdad.com: 12 (Authentication token is no longer valid; new one required) Mar 20 17:10:54 dhcp207-186 sshd[11363]: pam_sss(sshd:account): User info message: Password expired. Change your password now. Mar 20 17:10:54 dhcp207-186 sshd[11363]: Accepted password for aduser1@sssdad.com from ::1 port 47301 ssh2 Mar 20 17:10:55 dhcp207-186 sshd[11363]: pam_unix(sshd:session): session opened for user aduser1@sssdad.com by (uid=0) Mar 20 17:10:55 dhcp207-186 passwd: pam_unix(passwd:chauthtok): user "aduser1@sssdad.com" does not exist in /etc/passwd Mar 20 17:11:08 dhcp207-186 passwd: pam_unix(passwd:chauthtok): user "aduser1@sssdad.com" does not exist in /etc/passwd Mar 20 17:11:08 dhcp207-186 passwd: pam_sss(passwd:chauthtok): Password change failed for user aduser1@sssdad.com: 4 (System error) Mar 20 17:11:08 dhcp207-186 passwd: gkr-pam: couldn't update the login keyring password: no old password was entered Mar 20 17:11:11 dhcp207-186 sshd[11366]: Received disconnect from ::1: 11: disconnected by user Mar 20 17:11:11 dhcp207-186 sshd[11363]: pam_unix(sshd:session): session closed for user aduser1@sssdad.com Actual results: Error message is seen during password change. Although the change is successful. Expected results: No error during password change. Additional info:
Fields changed
blockedby: => blocking: => changelog: => coverity: => design: => design_review: => 0 feature_milestone: => fedora_test_page: => owner: somebody => sbose patch: 0 => 1 review: True => 0 selected: => status: new => assigned testsupdated: => 0
This ticket turned out to be a regression in 1.11. Moving to sssd 1.11.5 as per downstream request.
milestone: NEEDS_TRIAGE => SSSD 1.11.5 priority: major => blocker
resolution: => fixed status: assigned => closed
Metadata Update from @mkosek: - Issue assigned to sbose - Issue set to the milestone: SSSD 1.11.5
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3331
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.