From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1IXNvF-0003k8-Mn for garchives@archives.gentoo.org; Mon, 17 Sep 2007 21:14:26 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l8HL5SsI025242; Mon, 17 Sep 2007 21:05:28 GMT Received: from dcnode-02.unlimitedmail.net (139.Red-80-26-111.staticIP.rima-tde.net [80.26.111.139]) by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l8HKwN4K014572 for ; Mon, 17 Sep 2007 20:58:23 GMT Received: from ppp.zz ([137.204.208.98]) (authenticated bits=0) by dcnode-02.unlimitedmail.net (8.14.0/8.14.0) with ESMTP id l8HKwGUc012334 for ; Mon, 17 Sep 2007 22:58:16 +0200 From: Etaoin Shrdlu To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] chage can't open /etc/passwd Date: Mon, 17 Sep 2007 23:09:10 +0200 User-Agent: KMail/1.9.7 References: <1190041963.18545.13.camel@localhost> <200709172148.48037.shrdlu@unlimitedmail.org> <1190061019.15444.44.camel@localhost> In-Reply-To: <1190061019.15444.44.camel@localhost> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200709172309.11576.shrdlu@unlimitedmail.org> X-UnlimitedMail-MailScanner: Found to be clean X-UnlimitedMail-MailScanner-From: shrdlu@unlimitedmail.org X-Spam-Status: No X-Archives-Salt: 10a9098e-b9de-484b-8132-58b2f49cf2a7 X-Archives-Hash: e63cdec8579959b798215f8deb729244 On Monday 17 September 2007, Albert Hopkins wrote: > On Mon, 2007-09-17 at 21:48 +0200, Etaoin Shrdlu wrote: > > What does stracing the program show? > > As root it does an open("/etc/passwd", O_RDONLY) twice. Both times it > gets a file handle. > > As user, same thing, but it also tries to open /etc/shadow RDONLY and, > of course, gets a "Permission denied". This is different from what you said before. You said that running as root or as an user made no difference, and in both cases you were getting "can't open password file". You never mentioned a "permission denied" error, which seems correct when running as a regular user. On my box, running chage as a regular user fails with "permission denied", but it's not related to /etc/shadow permissions. Instead (looking at the strace and at the sources), chage checks the real UID of the user and terminates if it's not 0 and the user requests to change the info (instead of just listing it with -l). It does not even touch any file. So, if you see chage trying to open /etc/shadow when running as a regular user, something must be broken or wrong. What version of shadow are you using? Mine is shadow-4.0.18.1-r1. > There is also a > > write(2, "chage: PAM authentication failed"..., 33chage: PAM > authentication failed) = 33 > > But I've never seen this on my terminal when running w/o strace. How does your /etc/pam.d/chage look like? Here is mine: [Mon Sep 17 21:41:13 root@kermit ~]# cat /etc/pam.d/chage #%PAM-1.0 auth sufficient pam_rootok.so auth required pam_permit.so account include system-auth password required pam_permit.so -- gentoo-user@gentoo.org mailing list