"Daniel Richard G." <sk...@iskunk.org> writes: > I'm on Ubuntu Maverick, with libpam-krb5 4.2-1.
> kerberosuser@host:~$ passwd > Current Kerberos password: ****** > passwd: Authentication token manipulation error > passwd: password unchanged > I'm using a pam-auth-update config that is identical to the stock "krb5" > config save for minimum_uid= being taken out (see bug #369575 for > details), and normal Kerberos authentication (logging in and such) work > without a problem. Changing the password for the root user works too, > unlike the situation before. > (If I give the "debug" keyword to the PAM module, I don't see any > relevant output in /var/log/syslog.) Assuming that your syslog isn't configured to discard debug messages, this means your problem is not with libpam-krb5 and is instead with some other PAM module that you have in your password stack. If debug is enabled for pam-krb5, it will *always* log when it is invoked. If it doesn't log anything at all, that means that it's not being invoked, which means that the PAM stack is failing somewhere previous to it. Logging is nearly the first thing that it does on every entry point, after allocating some memory, and everything that happens prior to that will also log if it fails. Note that if you attempt to change a password for an account that doesn't exist in /etc/shadow, pam_unix will fail, which I think in the default configuration will abort the PAM stack. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/> -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/334795 Title: cannot change password -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
