Report forwarded to debian-bugs-dist@lists.debian.org, Ben Collins <bcollins@debian.org>:
Bug#60123; Package passwd.   debian-bugs-dist@lists.debian.orgBen Collins  Subject: Bug#60123: passwd: If the password has change time in the future, it cannot be changed. Reply-To: greg@tenet.pl, 60123@bugs.debian.org Resent-From: greg@tenet.pl Resent-To: debian-bugs-dist@lists.debian.org Resent-CC: Ben Collins Resent-Date: Fri, 10 Mar 2000 15:03:11 GMT Resent-Message-ID: Resent-Sender: owner@bugs.debian.org X-Debian-PR-Message: report 60123 X-Debian-PR-Package: passwd X-Debian-PR-Keywords: X-Loop: owner@bugs.debian.org Received: via spool by bugs@bugs.debian.org id=B.95270034010599 (code B ref -1); Fri, 10 Mar 2000 15:03:11 GMT Date: 10 Mar 2000 14:58:32 -0000 Message-ID: <20000310145832.29772.qmail@tenet.pl> From: greg@tenet.pl To: submit@bugs.debian.org X-Mailer: bug 3.2.10 Package: passwd Version: 19990827-18 Severity: wishlist If the password has modification time in the future, it cannot be changed by the user. In my humble opinion this behaviour is not correct, and the used should have changed the password. -- System Information Debian Release: 2.2 Kernel Version: Linux main 2.2.13 #2 SMP Sun Jan 30 12:26:02 CET 2000 i586 unknown Versions of the packages passwd depends on: ii libc6 2.1.3-7 GNU C Library: Shared libraries and Timezone ii libpam-modules 0.72-6 Pluggable Authentication Modules for PAM ii libpam0g 0.72-6 Pluggable Authentication Modules library ii login 19990827-18 System login tools --- Begin /etc/shells (modified conffile) /bin/ash /bin/bash /bin/csh /bin/sh /usr/bin/es /usr/bin/ksh /usr/bin/rc /usr/bin/tcsh /usr/bin/zsh /bin/false /bin/locked --- End /etc/shells --- Begin /etc/pam.d/passwd (modified conffile) # # # password required pam_cracklib.so retry=1 minlen=8 difok=3 type=TENET password required pam_unix.so md5 use_authok # --- End /etc/pam.d/passwd   Acknowledgement sent to greg@tenet.pl:
New Bug report received and forwarded. Copy sent to Ben Collins <bcollins@debian.org>.   -t  From: owner@bugs.debian.org (Debian Bug Tracking System) To: greg@tenet.pl Subject: Bug#60123: Acknowledgement (passwd: If the password has change time in the future, it cannot be changed.) Message-ID: In-Reply-To: <20000310145832.29772.qmail@tenet.pl> References: <20000310145832.29772.qmail@tenet.pl> X-Debian-PR-Message: ack 60123 Thank you for the problem report you have sent regarding Debian. This is an automatically generated reply, to let you know your message has been received. It is being forwarded to the developers mailing list for their attention; they will reply in due course. Your message has been sent to the package maintainer(s): Ben Collins If you wish to submit further information on your problem, please send it to 60123@bugs.debian.org (and *not* to bugs@bugs.debian.org). Please do not reply to the address at the top of this message, unless you wish to report a problem with the Bug-tracking system. Darren Benham (administrator, Debian Bugs database)   Received: (at submit) by bugs.debian.org; 10 Mar 2000 14:59:00 +0000 Received: (qmail 10595 invoked from network); 10 Mar 2000 14:58:59 -0000 Received: from main.tenet.pl (HELO tenet.pl) (195.205.44.70) by master.debian.org with SMTP; 10 Mar 2000 14:58:59 -0000 Received: (qmail 29773 invoked by uid 1000); 10 Mar 2000 14:58:32 -0000 Date: 10 Mar 2000 14:58:32 -0000 Message-ID: <20000310145832.29772.qmail@tenet.pl> From: greg@tenet.pl Subject: passwd: If the password has change time in the future, it cannot be changed. To: submit@bugs.debian.org X-Mailer: bug 3.2.10 Package: passwd Version: 19990827-18 Severity: wishlist If the password has modification time in the future, it cannot be changed by the user. In my humble opinion this behaviour is not correct, and the used should have changed the password. -- System Information Debian Release: 2.2 Kernel Version: Linux main 2.2.13 #2 SMP Sun Jan 30 12:26:02 CET 2000 i586 unknown Versions of the packages passwd depends on: ii libc6 2.1.3-7 GNU C Library: Shared libraries and Timezone ii libpam-modules 0.72-6 Pluggable Authentication Modules for PAM ii libpam0g 0.72-6 Pluggable Authentication Modules library ii login 19990827-18 System login tools --- Begin /etc/shells (modified conffile) /bin/ash /bin/bash /bin/csh /bin/sh /usr/bin/es /usr/bin/ksh /usr/bin/rc /usr/bin/tcsh /usr/bin/zsh /bin/false /bin/locked --- End /etc/shells --- Begin /etc/pam.d/passwd (modified conffile) # # # password required pam_cracklib.so retry=1 minlen=8 difok=3 type=TENET password required pam_unix.so md5 use_authok # --- End /etc/pam.d/passwd   Information forwarded to debian-bugs-dist@lists.debian.org, Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>:
Bug#60123; Package passwd.   debian-bugs-dist@lists.debian.orgShadow package maintainers  X-Loop: owner@bugs.debian.org Subject: Bug#60123: Password date of last change in the future : users cannot change their password Reply-To: Christian Perrier , 60123@bugs.debian.org Resent-From: Christian Perrier Resent-To: debian-bugs-dist@lists.debian.org Resent-CC: Shadow package maintainers Resent-Date: Thu, 12 May 2005 17:33:22 UTC Resent-Message-ID: Resent-Sender: owner@bugs.debian.org X-Debian-PR-Message: report 60123 X-Debian-PR-Package: passwd X-Debian-PR-Keywords: Received: via spool by 60123-submit@bugs.debian.org id=B60123.1115918448448 (code B ref 60123); Thu, 12 May 2005 17:33:22 UTC Received: (at 60123) by bugs.debian.org; 12 May 2005 17:20:48 +0000 Received: from perrier.eu.org (kheops.perrier.eu.org) [81.56.227.253] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DWHMc-00005g-00; Thu, 12 May 2005 10:20:47 -0700 Received: from localhost (localhost [127.0.0.1]) by kheops.perrier.eu.org (Postfix) with ESMTP id CDE574F977; Thu, 12 May 2005 19:20:15 +0200 (CEST) Received: from kheops.perrier.eu.org ([127.0.0.1]) by localhost (kheops [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 12188-04; Thu, 12 May 2005 19:20:14 +0200 (CEST) Received: from mykerinos.kheops.frmug.org (mykerinos.kheops.frmug.org [192.168.1.3]) by kheops.perrier.eu.org (Postfix) with ESMTP id 0A7414F8B3; Thu, 12 May 2005 19:20:14 +0200 (CEST) Received: by mykerinos.kheops.frmug.org (Postfix, from userid 7426) id E19DB23295; Thu, 12 May 2005 19:00:30 +0200 (CEST) Date: Thu, 12 May 2005 19:00:30 +0200 From: Christian Perrier To: 60123@bugs.debian.org Cc: control@bugs.debian.org, libpam-modules@packages.debian.org Message-ID: <20050512170030.GH18758@mykerinos.kheops.frmug.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.9i X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at kheops.frmug.org Delivered-To: 60123@bugs.debian.org X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-5.0 required=4.0 tests=BAYES_00,VALID_BTS_CONTROL autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: reassign 60123 libpam-modules thanks As mentioned in this bug report, users cannot change their passwords when the last change date has been set in the future. For instance, if the computer clock was wrong at the moment of the last change.... root@cc-mykerinos:/etc/cups# grep tintin /etc/shadow tintin:$1$RVYuxBOq$lUUYn6HTPAgJ.d0qk88.D.:12915:0:99999:7::: We are day 12915... root@cc-mykerinos:/etc/cups# vi /etc/shadow I manually set the last change field to 13915 root@cc-mykerinos:/etc/cups# su - tintin tintin@mykerinos:~$ passwd Changing password for tintin (current) UNIX password: You must wait longer to change your password passwd: Authentication token manipulation error I'm not sure this is really intended as is. Or, if it is, why this behaviour? Or is this just a bug? Anyway, the bug, if there's one, does not belong to passwd, but to libpam-modules as the above message comes from pam_unix.so. Hence reassigning. I hope I'm not wrong doing so.   Acknowledgement sent to Christian Perrier <bubulle@kheops.frmug.org>:
Extra info received and forwarded to list. Copy sent to Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>.   -t  X-Loop: owner@bugs.debian.org From: owner@bugs.debian.org (Debian Bug Tracking System) To: Christian Perrier Subject: Bug#60123: Info received (was Password date of last change in the future : users cannot change their password) Message-ID: In-Reply-To: <20050512170030.GH18758@mykerinos.kheops.frmug.org> References: <20050512170030.GH18758@mykerinos.kheops.frmug.org> Precedence: bulk X-Debian-PR-Message: ack-info 60123 X-Debian-PR-Package: passwd X-Debian-PR-Keywords: Thank you for the additional information you have supplied regarding this problem report. It has been forwarded to the package maintainer(s) and to other interested parties to accompany the original report. Your message has been sent to the package maintainer(s): Shadow package maintainers If you wish to continue to submit further information on your problem, please send it to 60123@bugs.debian.org, as before. Please do not reply to the address at the top of this message, unless you wish to report a problem with the Bug-tracking system. Debian bug tracking system administrator (administrator, Debian Bugs database)   Received: (at 60123) by bugs.debian.org; 12 May 2005 17:20:48 +0000 From bubulle@kheops.frmug.org Thu May 12 10:20:48 2005 Return-path: Received: from perrier.eu.org (kheops.perrier.eu.org) [81.56.227.253] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DWHMc-00005g-00; Thu, 12 May 2005 10:20:47 -0700 Received: from localhost (localhost [127.0.0.1]) by kheops.perrier.eu.org (Postfix) with ESMTP id CDE574F977; Thu, 12 May 2005 19:20:15 +0200 (CEST) Received: from kheops.perrier.eu.org ([127.0.0.1]) by localhost (kheops [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 12188-04; Thu, 12 May 2005 19:20:14 +0200 (CEST) Received: from mykerinos.kheops.frmug.org (mykerinos.kheops.frmug.org [192.168.1.3]) by kheops.perrier.eu.org (Postfix) with ESMTP id 0A7414F8B3; Thu, 12 May 2005 19:20:14 +0200 (CEST) Received: by mykerinos.kheops.frmug.org (Postfix, from userid 7426) id E19DB23295; Thu, 12 May 2005 19:00:30 +0200 (CEST) Date: Thu, 12 May 2005 19:00:30 +0200 From: Christian Perrier To: 60123@bugs.debian.org Cc: control@bugs.debian.org, libpam-modules@packages.debian.org Subject: Password date of last change in the future : users cannot change their password Message-ID: <20050512170030.GH18758@mykerinos.kheops.frmug.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.9i X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at kheops.frmug.org Delivered-To: 60123@bugs.debian.org X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-5.0 required=4.0 tests=BAYES_00,VALID_BTS_CONTROL autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: reassign 60123 libpam-modules thanks As mentioned in this bug report, users cannot change their passwords when the last change date has been set in the future. For instance, if the computer clock was wrong at the moment of the last change.... root@cc-mykerinos:/etc/cups# grep tintin /etc/shadow tintin:$1$RVYuxBOq$lUUYn6HTPAgJ.d0qk88.D.:12915:0:99999:7::: We are day 12915... root@cc-mykerinos:/etc/cups# vi /etc/shadow I manually set the last change field to 13915 root@cc-mykerinos:/etc/cups# su - tintin tintin@mykerinos:~$ passwd Changing password for tintin (current) UNIX password: You must wait longer to change your password passwd: Authentication token manipulation error I'm not sure this is really intended as is. Or, if it is, why this behaviour? Or is this just a bug? Anyway, the bug, if there's one, does not belong to passwd, but to libpam-modules as the above message comes from pam_unix.so. Hence reassigning. I hope I'm not wrong doing so.   Bug reassigned from package `passwd' to `libpam-modules'. Request was from Christian Perrier <bubulle@kheops.frmug.org> to control@bugs.debian.org.   Received: (at control) by bugs.debian.org; 12 May 2005 17:20:48 +0000 From bubulle@kheops.frmug.org Thu May 12 10:20:48 2005 Return-path: Received: from perrier.eu.org (kheops.perrier.eu.org) [81.56.227.253] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DWHMc-00005g-00; Thu, 12 May 2005 10:20:47 -0700 Received: from localhost (localhost [127.0.0.1]) by kheops.perrier.eu.org (Postfix) with ESMTP id CDE574F977; Thu, 12 May 2005 19:20:15 +0200 (CEST) Received: from kheops.perrier.eu.org ([127.0.0.1]) by localhost (kheops [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 12188-04; Thu, 12 May 2005 19:20:14 +0200 (CEST) Received: from mykerinos.kheops.frmug.org (mykerinos.kheops.frmug.org [192.168.1.3]) by kheops.perrier.eu.org (Postfix) with ESMTP id 0A7414F8B3; Thu, 12 May 2005 19:20:14 +0200 (CEST) Received: by mykerinos.kheops.frmug.org (Postfix, from userid 7426) id E19DB23295; Thu, 12 May 2005 19:00:30 +0200 (CEST) Date: Thu, 12 May 2005 19:00:30 +0200 From: Christian Perrier To: 60123@bugs.debian.org Cc: control@bugs.debian.org, libpam-modules@packages.debian.org Subject: Password date of last change in the future : users cannot change their password Message-ID: <20050512170030.GH18758@mykerinos.kheops.frmug.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.9i X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at kheops.frmug.org Delivered-To: control@bugs.debian.org X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-5.0 required=4.0 tests=BAYES_00,VALID_BTS_CONTROL autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: X-CrossAssassin-Score: 2 reassign 60123 libpam-modules thanks As mentioned in this bug report, users cannot change their passwords when the last change date has been set in the future. For instance, if the computer clock was wrong at the moment of the last change.... root@cc-mykerinos:/etc/cups# grep tintin /etc/shadow tintin:$1$RVYuxBOq$lUUYn6HTPAgJ.d0qk88.D.:12915:0:99999:7::: We are day 12915... root@cc-mykerinos:/etc/cups# vi /etc/shadow I manually set the last change field to 13915 root@cc-mykerinos:/etc/cups# su - tintin tintin@mykerinos:~$ passwd Changing password for tintin (current) UNIX password: You must wait longer to change your password passwd: Authentication token manipulation error I'm not sure this is really intended as is. Or, if it is, why this behaviour? Or is this just a bug? Anyway, the bug, if there's one, does not belong to passwd, but to libpam-modules as the above message comes from pam_unix.so. Hence reassigning. I hope I'm not wrong doing so.   Reply sent to Steve Langasek <vorlon@debian.org>:
You have taken responsibility.   -t  MIME-Version: 1.0 X-Mailer: MIME-tools 5.420 (Entity 5.420) X-Loop: owner@bugs.debian.org From: owner@bugs.debian.org (Debian Bug Tracking System) To: Steve Langasek Subject: Bug#60123: marked as done (passwd: If the password has change time in the future, it cannot be changed.) Message-ID: References: <20080727102017.GA13649@dario.dodds.net> <20000310145832.29772.qmail@tenet.pl> X-Debian-PR-Message: closed 60123 X-Debian-PR-Package: libpam-modules X-Debian-PR-Source: pam Content-Type: multipart/mixed; boundary="----------=_1217154074-30614-0" This is a multi-part message in MIME format... ------------=_1217154074-30614-0 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Your message dated Sun, 27 Jul 2008 03:20:17 -0700 with message-id <20080727102017.GA13649@dario.dodds.net> and subject line Re: passwd: If the password has change time in the future,= it cannot be changed. has caused the Debian Bug report #60123, regarding passwd: If the password has change time in the future, it cannot = be changed. to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) --=20 60123: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=3D60123 Debian Bug Tracking System Contact owner@bugs.debian.org with problems ------------=_1217154074-30614-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by bugs.debian.org; 10 Mar 2000 14:59:00 +0000 Received: (qmail 10595 invoked from network); 10 Mar 2000 14:58:59 -0000 Received: from main.tenet.pl (HELO tenet.pl) (195.205.44.70) by master.debian.org with SMTP; 10 Mar 2000 14:58:59 -0000 Received: (qmail 29773 invoked by uid 1000); 10 Mar 2000 14:58:32 -0000 Date: 10 Mar 2000 14:58:32 -0000 Message-ID: <20000310145832.29772.qmail@tenet.pl> From: greg@tenet.pl Subject: passwd: If the password has change time in the future, it cannot be changed. To: submit@bugs.debian.org X-Mailer: bug 3.2.10 Package: passwd Version: 19990827-18 Severity: wishlist If the password has modification time in the future, it cannot be changed by the user. In my humble opinion this behaviour is not correct, and the used should have changed the password. -- System Information Debian Release: 2.2 Kernel Version: Linux main 2.2.13 #2 SMP Sun Jan 30 12:26:02 CET 2000 i586 unknown Versions of the packages passwd depends on: ii libc6 2.1.3-7 GNU C Library: Shared libraries and Timezone ii libpam-modules 0.72-6 Pluggable Authentication Modules for PAM ii libpam0g 0.72-6 Pluggable Authentication Modules library ii login 19990827-18 System login tools --- Begin /etc/shells (modified conffile) /bin/ash /bin/bash /bin/csh /bin/sh /usr/bin/es /usr/bin/ksh /usr/bin/rc /usr/bin/tcsh /usr/bin/zsh /bin/false /bin/locked --- End /etc/shells --- Begin /etc/pam.d/passwd (modified conffile) # # # password required pam_cracklib.so retry=1 minlen=8 difok=3 type=TENET password required pam_unix.so md5 use_authok # --- End /etc/pam.d/passwd ------------=_1217154074-30614-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 60123-done) by bugs.debian.org; 27 Jul 2008 10:20:23 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.4-bugs.debian.org_2005_01_02 (2006-07-26) on rietz.debian.org X-Spam-Level: X-Spam-Status: No, score=-7.0 required=4.0 tests=BAYES_00,FROMDEVELOPER, VERSION autolearn=no version=3.1.4-bugs.debian.org_2005_01_02 Return-path: Received: from minbar.dodds.net ([66.93.39.86]) by rietz.debian.org with esmtp (Exim 4.63) (envelope-from ) id 1KN3MV-0006xk-9L for 60123-done@bugs.debian.org; Sun, 27 Jul 2008 10:20:23 +0000 Received: from dario.dodds.net (dario.dodds.net [IPv6:2001:4830:1244:0:219:d2ff:fe76:2acb]) by minbar.dodds.net (Postfix) with ESMTPA id 290F21015C for <60123-done@bugs.debian.org>; Sun, 27 Jul 2008 03:20:21 -0700 (PDT) Received: by dario.dodds.net (Postfix, from userid 1000) id 568384C2CC; Sun, 27 Jul 2008 11:20:17 +0100 (BST) Date: Sun, 27 Jul 2008 03:20:17 -0700 From: Steve Langasek To: 60123-done@bugs.debian.org Subject: Re: passwd: If the password has change time in the future, it cannot be changed. Message-ID: <20080727102017.GA13649@dario.dodds.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.17+20080114 (2008-01-14) Version: 0.99.7.1-2 In the current version of pam in testing/unstable, the code does not prohibit password changes when the change time is in the future. It does enforce minimum password change intervals if configured in /etc/shadow, but that's not the same thing. So I think this bug is fixed. Cheers, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slangasek@ubuntu.com vorlon@debian.org ------------=_1217154074-30614-0--   Notification sent to greg@tenet.pl:
Bug acknowledged by developer.   -t  MIME-Version: 1.0 X-Mailer: MIME-tools 5.420 (Entity 5.420) X-Loop: owner@bugs.debian.org From: owner@bugs.debian.org (Debian Bug Tracking System) To: greg@tenet.pl Subject: Bug#60123 closed by Steve Langasek (Re: passwd: If the password has change time in the future, it cannot be changed.) Message-ID: References: <20080727102017.GA13649@dario.dodds.net> <20000310145832.29772.qmail@tenet.pl> X-Debian-PR-Message: they-closed 60123 X-Debian-PR-Package: libpam-modules X-Debian-PR-Source: pam Reply-To: 60123@bugs.debian.org Content-Type: multipart/mixed; boundary="----------=_1217154074-30614-1" This is a multi-part message in MIME format... ------------=_1217154074-30614-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This is an automatic notification regarding your Bug report which was filed against the libpam-modules package: #60123: passwd: If the password has change time in the future, it cannot be= changed. It has been closed by Steve Langasek . Their explanation is attached below along with your original report. If this explanation is unsatisfactory and you have not received a better one in a separate message then please contact Steve Langasek by replying to this email. --=20 60123: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=3D60123 Debian Bug Tracking System Contact owner@bugs.debian.org with problems ------------=_1217154074-30614-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 60123-done) by bugs.debian.org; 27 Jul 2008 10:20:23 +0000 X-Spam-Checker-Version: SpamAssassin 3.1.4-bugs.debian.org_2005_01_02 (2006-07-26) on rietz.debian.org X-Spam-Level: X-Spam-Status: No, score=-7.0 required=4.0 tests=BAYES_00,FROMDEVELOPER, VERSION autolearn=no version=3.1.4-bugs.debian.org_2005_01_02 Return-path: Received: from minbar.dodds.net ([66.93.39.86]) by rietz.debian.org with esmtp (Exim 4.63) (envelope-from ) id 1KN3MV-0006xk-9L for 60123-done@bugs.debian.org; Sun, 27 Jul 2008 10:20:23 +0000 Received: from dario.dodds.net (dario.dodds.net [IPv6:2001:4830:1244:0:219:d2ff:fe76:2acb]) by minbar.dodds.net (Postfix) with ESMTPA id 290F21015C for <60123-done@bugs.debian.org>; Sun, 27 Jul 2008 03:20:21 -0700 (PDT) Received: by dario.dodds.net (Postfix, from userid 1000) id 568384C2CC; Sun, 27 Jul 2008 11:20:17 +0100 (BST) Date: Sun, 27 Jul 2008 03:20:17 -0700 From: Steve Langasek To: 60123-done@bugs.debian.org Subject: Re: passwd: If the password has change time in the future, it cannot be changed. Message-ID: <20080727102017.GA13649@dario.dodds.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.17+20080114 (2008-01-14) Version: 0.99.7.1-2 In the current version of pam in testing/unstable, the code does not prohibit password changes when the change time is in the future. It does enforce minimum password change intervals if configured in /etc/shadow, but that's not the same thing. So I think this bug is fixed. Cheers, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slangasek@ubuntu.com vorlon@debian.org ------------=_1217154074-30614-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by bugs.debian.org; 10 Mar 2000 14:59:00 +0000 Received: (qmail 10595 invoked from network); 10 Mar 2000 14:58:59 -0000 Received: from main.tenet.pl (HELO tenet.pl) (195.205.44.70) by master.debian.org with SMTP; 10 Mar 2000 14:58:59 -0000 Received: (qmail 29773 invoked by uid 1000); 10 Mar 2000 14:58:32 -0000 Date: 10 Mar 2000 14:58:32 -0000 Message-ID: <20000310145832.29772.qmail@tenet.pl> From: greg@tenet.pl Subject: passwd: If the password has change time in the future, it cannot be changed. To: submit@bugs.debian.org X-Mailer: bug 3.2.10 Package: passwd Version: 19990827-18 Severity: wishlist If the password has modification time in the future, it cannot be changed by the user. In my humble opinion this behaviour is not correct, and the used should have changed the password. -- System Information Debian Release: 2.2 Kernel Version: Linux main 2.2.13 #2 SMP Sun Jan 30 12:26:02 CET 2000 i586 unknown Versions of the packages passwd depends on: ii libc6 2.1.3-7 GNU C Library: Shared libraries and Timezone ii libpam-modules 0.72-6 Pluggable Authentication Modules for PAM ii libpam0g 0.72-6 Pluggable Authentication Modules library ii login 19990827-18 System login tools --- Begin /etc/shells (modified conffile) /bin/ash /bin/bash /bin/csh /bin/sh /usr/bin/es /usr/bin/ksh /usr/bin/rc /usr/bin/tcsh /usr/bin/zsh /bin/false /bin/locked --- End /etc/shells --- Begin /etc/pam.d/passwd (modified conffile) # # # password required pam_cracklib.so retry=1 minlen=8 difok=3 type=TENET password required pam_unix.so md5 use_authok # --- End /etc/pam.d/passwd ------------=_1217154074-30614-1--   Received: (at 60123-done) by bugs.debian.org; 27 Jul 2008 10:20:23 +0000 From vorlon@debian.org Sun Jul 27 10:20:23 2008 X-Spam-Checker-Version: SpamAssassin 3.1.4-bugs.debian.org_2005_01_02 (2006-07-26) on rietz.debian.org X-Spam-Level: X-Spam-Status: No, score=-7.0 required=4.0 tests=BAYES_00,FROMDEVELOPER, VERSION autolearn=no version=3.1.4-bugs.debian.org_2005_01_02 Return-path: Received: from minbar.dodds.net ([66.93.39.86]) by rietz.debian.org with esmtp (Exim 4.63) (envelope-from ) id 1KN3MV-0006xk-9L for 60123-done@bugs.debian.org; Sun, 27 Jul 2008 10:20:23 +0000 Received: from dario.dodds.net (dario.dodds.net [IPv6:2001:4830:1244:0:219:d2ff:fe76:2acb]) by minbar.dodds.net (Postfix) with ESMTPA id 290F21015C for <60123-done@bugs.debian.org>; Sun, 27 Jul 2008 03:20:21 -0700 (PDT) Received: by dario.dodds.net (Postfix, from userid 1000) id 568384C2CC; Sun, 27 Jul 2008 11:20:17 +0100 (BST) Date: Sun, 27 Jul 2008 03:20:17 -0700 From: Steve Langasek To: 60123-done@bugs.debian.org Subject: Re: passwd: If the password has change time in the future, it cannot be changed. Message-ID: <20080727102017.GA13649@dario.dodds.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.17+20080114 (2008-01-14) Version: 0.99.7.1-2 In the current version of pam in testing/unstable, the code does not prohibit password changes when the change time is in the future. It does enforce minimum password change intervals if configured in /etc/shadow, but that's not the same thing. So I think this bug is fixed. Cheers, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slangasek@ubuntu.com vorlon@debian.org