[Bug 1086272] [NEW] libpam-sss.pam-auth-update needs to be split to properly support password changes

Mon, 03 Dec 2012 23:35:42 -0800 

Public bug reported:

The priority of the libpam-sss pam-auth-update config file needs to be
lower than for pam_unix, so that local users always work, despite the
state of the sssd daemon. This causes a problem with the password stack,
where pam_sss needs to be above pam_unix, so that if pam_cracklib is
installed password changes still work. Otherwise it would be broken in
one of the cases, depending on if use_authtok is set or not.

The fix for this is to split the password stack from pam_sss config
separate from the rest, and use a higher priority there.

This is fixed in raring, needs an SRU to precise and quantal.

** Affects: sssd (Ubuntu)
     Importance: Undecided
         Status: Fix Released

** Affects: sssd (Ubuntu Precise)
     Importance: Medium
         Status: In Progress

** Affects: sssd (Ubuntu Quantal)
     Importance: Medium
         Status: In Progress

** Description changed:

  The priority of the libpam-sss pam-auth-update config file needs to be
  lower than for pam_unix, so that local users always work, despite the
  state of the sssd daemon. This causes a problem with the password stack,
  where pam_sss needs to be above pam_unix, so that if pam_cracklib is
  installed password changes still work. Otherwise it would be broken in
  one of the cases, depending on if use_authtok is set or not.
  
+ The fix for this is to split the password stack from pam_sss config
+ separate from the rest, and use a higher priority there.
+ 
  This is fixed in raring, needs an SRU to precise and quantal.

** Also affects: sssd (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: sssd (Ubuntu Quantal)
   Importance: Undecided
       Status: New

** Changed in: sssd (Ubuntu)
       Status: New => Fix Released

** Changed in: sssd (Ubuntu Precise)
   Importance: Undecided => Medium

** Changed in: sssd (Ubuntu Precise)
       Status: New => In Progress

** Changed in: sssd (Ubuntu Quantal)
   Importance: Undecided => Medium

** Changed in: sssd (Ubuntu Quantal)
       Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1086272

Title:
  libpam-sss.pam-auth-update needs to be split to properly support
  password changes

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1086272/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to