Re: [gentoo-user] chage can't open /etc/passwd

[Etaoin Shrdlu <shrdlu@unlimitedmail.org>]

On Monday 17 September 2007, Albert Hopkins wrote:
> On Mon, 2007-09-17 at 21:48 +0200, Etaoin Shrdlu wrote:
> > What does stracing the program show?
>
> As root it does an open("/etc/passwd", O_RDONLY) twice.  Both times it
> gets a file handle.
>
> As user, same thing, but it also tries to open /etc/shadow RDONLY and,
> of course, gets a "Permission denied".

This is different from what you said before. You said that running as 
root or as an user made no difference, and in both cases you were 
getting "can't open password file". You never mentioned a "permission 
denied" error, which seems correct when running as a regular user.
On my box, running chage as a regular user fails with "permission 
denied", but it's not related to /etc/shadow permissions. Instead 
(looking at the strace and at the sources), chage checks the real UID of 
the user and terminates if it's not 0 and the user requests to change 
the info (instead of just listing it with -l). It does not even touch 
any file.
So, if you see chage trying to open /etc/shadow when running as a regular 
user, something must be broken or wrong. What version of shadow are you 
using? Mine is shadow-4.0.18.1-r1.

> There is also a
>
> write(2, "chage: PAM authentication failed"..., 33chage: PAM
> authentication failed) = 33
>
> But I've never seen this on my terminal when running w/o strace.

How does your /etc/pam.d/chage look like?

Here is mine:

[Mon Sep 17 21:41:13 root@kermit ~]# cat /etc/pam.d/chage
#%PAM-1.0

auth       sufficient   pam_rootok.so
auth       required             pam_permit.so

account    include              system-auth

password   required             pam_permit.so
-- 
gentoo-user@gentoo.org mailing list