Re: [Nss-mysql-users] auth failing with non-priv users

[Guillaume Morin]

Hi Dan,

Dans un message du 10 jui à 14:18, Geist, Dan (CCI-Atlanta) écrivait :
> address@hidden dgeist]$ su
> Password: 
> address@hidden dgeist]# su - dan
> bash-2.05$ pwd
> /tmp
> bash-2.05$ exit
> logout
> address@hidden dgeist]# exit
> exit
> address@hidden dgeist]$ pwd
> /home/dgeist
> address@hidden dgeist]$ su - dan
> Password: 
> You are required to change your password immediately (root enforced)
> su: incorrect password

Looks like a problem with your shadow parameters. Could you paste them ?

> address@hidden dgeist]$ passwd dan
> passwd: Only root can specify a username

You cannot change your nss-mysql users password with passwd. NSS is just
a method of lookup, it does *not* handle changing information. You'll
have to write a shell script or something for that.

> Oh, I do have:
> shadow.lastchange_column = user.lastchange;
> in the nss-mysql-root.conf file and that row in the table is an int(16)
> with default 0. Don't know if that matters...

Hmm, 0 is too low. This field should be an unix timestamp, so that means
that you changed the password in 1970, that may seem too old for your
system. Try replacing "user.lastchange" by "UNIX_TIMESTAMP()-10". If it
works, fix your database.

> I have a feeling that the password hash algoritm is incorrect, but
> that's not substantiated. Any ideas?

If you've pasted the hash from /etc/shadow, it should work flawlessly.

Regards,

-- 
Guillaume Morin <address@hidden>

    Last night I saw the face of God, but waking I'd forgotten who she was.
                                    (Addict)