NetBSD Problem Report #29719

From hubert@feyrer.de  Wed Mar 16 23:56:57 2005
Return-Path: <hubert@feyrer.de>
Received: from miyu.feyrer.net (p5480546B.dip.t-dialin.net [84.128.84.107])
	by narn.netbsd.org (Postfix) with ESMTP id B66C663B117
	for <gnats-bugs@gnats.NetBSD.org>; Wed, 16 Mar 2005 23:56:55 +0000 (UTC)
Message-Id: <200503162356.j2GNuoDW026083@miyu.feyrer.net>
Date: Thu, 17 Mar 2005 00:56:51 +0100 (MET)
From: hubert@feyrer.de
Reply-To: hubert@feyrer.de
To: gnats-bugs@netbsd.org
Subject: confusing passwd(1) warning w/ short password and PAM
X-Send-Pr-Version: 3.95

>Number:         29719
>Category:       bin
>Synopsis:       confusing passwd(1) warning w/ short password and PAM
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          closed
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Wed Mar 16 23:57:00 +0000 2005
>Closed-Date:    Mon May 01 21:53:25 +0000 2023
>Last-Modified:  Mon May 01 21:53:25 +0000 2023
>Originator:     Hubert Feyrer
>Release:        NetBSD 2.99.16
>Organization:
bla!
>Environment:
	NetBSD qemu 2.99.16 NetBSD 2.99.16 (GENERIC) #2: Sun Mar 13 01:29:31 MET 2005  feyrer@miyu:/home/cvs/src-current/sys/arch/i386/compile/obj.i386/GENERIC i386


Architecture: i386
Machine: i386
>Description:
	Playing with PAM a bit on a 2.99.16 system, I found out that passwd(1)
	now behaves different than before when using "short" (one letter)
	passwords:

		qemu: {2} passwd
		Old Password: x
		New Password: y
		Retype New Password: y
		Please enter a longer password.
		The NIS password has been changed on qemu, the master NIS passwd server.

	The (expected) warning about entering a longer password is printed,
	but after that no other request to input a new password is made,
	as used to be the case on a 2.0 system. 

	The password still is changed.

	This is NOT related to NIS!


	When changing the password via yppasswd, the old behaviour is still
	displayed:

		qemu: {3} yppasswd
		Changing NIS password for feyrer.
		Old password: y
		New password: x
		Please enter a longer password.
		New password: x
		Retype new password: x
		The NIS password has been changed on qemu, the master NIS passwd server.

	Here the system prompts to enter another password after printing
	the warning, and accepts it after that when insisting on using
	the short password.

	On NetBSD 2.0, passwd(1) still behaves the same as yppasswd(1)
	(on a system w/o NIS):

		miyu% passwd 
		Changing local password for feyrer.
		New password:
		Please enter a longer password.
		New password:
		Retype new password:
		miyu% 


>How-To-Repeat:
	Use passwd(1) to set a short password.
	Wonder that a warning is printed.
	Wonder if the password was accepted or not,
	and wonder where the old NetBSD behaviour went to.

>Fix:
	Make passwd(1) behave like yppasswd(1) and old (pre-PAM?)
	passwd(1).

>Release-Note:

>Audit-Trail:

State-Changed-From-To: open->closed
State-Changed-By: hgutch@NetBSD.org
State-Changed-When: Mon, 01 May 2023 21:53:25 +0000
State-Changed-Why:
Fixed by https://mail-index.netbsd.org/source-changes/2005/03/17/0015.html .


>Unformatted:

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.47 2022/09/11 19:34:41 kim Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2023 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.