[lsb-discuss] Bug in lsb-runtime IA32 3.1.0-6 LSB.pam/testcases/pam_chauthtok .1, 2, 8 (chauthtok)
mdittmar at linux-ag.de
mdittmar at linux-ag.de
Fri Jun 16 05:47:55 PDT 2006
<---------------part A------------------->
Submitters Name: Martin Dittmar
Email: mdittmar at linux-ag.de
Organization Name:
Linux Information Systems AG
Computer Type/Model/Operating System:
i686, amd, debian sarge
<---------------part B------------------->
Test Suite/Version:
lsb-runtime IA32 3.1.0-6
Test ID: LSB.pam/testcases/pam_chauthtok .1,2,8
Problem Synopsis: PASS_MIN_DAYS != 0 in /etc/login.defs leads to failing tests
Proposed Reason Code: 1
(1=Fault in Test Suite,
2=Problem in the Specification,
3=Minor fault on system under test)
Error Description:
On the the tested system the file "/etc/login.defs" has set "PASS_MIN_DAYS 7".
That's why when the vsxgen users are created, the entry in /etc/shadow is created as follows:
vsx0:bC5DIOJ4AdVVs:13315:7:45:7:::
That means the password can be changed only once in 7 days by the user.
That leads to a "Fail" of the described tests (See report below)
In LSB there is no default value "PASS_MIN_DAYS 0" specifified, so the test should make sure it is set to 0 - either before or as a part of the test (e.g. by using the C interfaces like the passwd program)
At least there should be a note, that the test will fail with such a system configuration.
************************************************************************
/tset/LSB.pam/testcases/pam_chauthtok/pam_chauthtok 1 Failed
Test Information:
Sending password test
pam_chauthtok returned Authentication token manipulation error when
expected to succeed
************************************************************************
************************************************************************
/tset/LSB.pam/testcases/pam_chauthtok/pam_chauthtok 2 Failed
Test Information:
Sending password test
pam_chauthtok failed with correct password and
PAM_DISALLOW_NULL_AUTHTOK when expected to succeed.
It returned Authentication token manipulation error
************************************************************************
************************************************************************
/tset/LSB.pam/testcases/pam_chauthtok/pam_chauthtok 8 Failed
Test Information:
Sending password test
pam_chauthtok returned Authentication token manipulation error
It was expected to return PAM_AUTHTOK_LOCK_BUS
***********************************************************************
Solution:
the /etc/shadow entry for vsx0 could be reviewed and, if needed, corrected before running the tests.
It would be possible to use a C interface like the passwd program for this (http://cvs.pld.org.pl/shadow/src, http://cvs.pld.org.pl/shadow/lib)
Another possibility would be to do this as part of the pre/postinst script of the rpm.
More information about the lsb-discuss
mailing list