Submitted by RedKnot on Mon, 11/16/2009 - 08:38
When an user changes a password of his e-mailaccount he can't login anymore with the new password. I verified this myself. It seems to happen after I changed some security settings on our server.
http://www.vmunix.com/mark/blog/archives/2005/10/31/changing-default-pas...
When I change the password on the commandline using the passwd command the user can login again.
Status:
Closed (fixed)
Comments
Submitted by andreychek on Mon, 11/16/2009 - 09:18 Comment #1
So, you're on Solaris -- and it sounds like you're saying you changed a value in policy.conf from "CRYPT_DEFAULT=unix" to "CRYPT_DEFAULT=1". Does that sound about right?
If you were to (temporarily) switch that back, and then try changing your user's password from within Virtualmin, does it work at that point?
Submitted by RedKnot on Mon, 11/16/2009 - 11:58 Comment #2
Yes I changed CRYPT_DEFAULT=unix to CRYPT_DEFAULT=1. I guess I narrowed the problem. It only happens when the password which first encrypted using the unix setting and then is changed by vritualmin with the new 1 setting. I've included some output:
/etc/shadow after changing the old password (unix) to the new password (1): testuser@example.com:$1$OVyGGCSPPvZew$m4w5pzlAUHkvrthxxxxxxx:14564::::::
/etc/shadow after changing the new password (1) to a random password (1): testuser@example.com:$1$OVyGGCSPPvZew$6ywGHamWFzpA8exxxxxxxx:14564::::::
/etc/shadow after changing back from the random (1) password to the new password (1) testuser@example.com:$1$OVyGGCSPPvZew$m4w5pzlAUHkvrthxxxxxxx:14564::::::
/etc/shadow after changing to the new password (1) with the commandline passwd utility testuser@example.com:$1$H13B/dSH$XSx5ONUm5keGexxxxxxx:14564::::::
So the results of the passwd utility are different from the virtualmin utility.
Submitted by JamieCameron on Mon, 11/16/2009 - 14:00 Comment #3
So if you were to set CRYPT_DEFAULT=1 , change a password using the 'passwd' command, then make another change in Virtualmin , would the new password set in Virtualmin work OK?
Submitted by RedKnot on Mon, 11/16/2009 - 16:08 Comment #4
Yes, when the password is correctly set with the new setting I can change it with virtualmin without any problems.
Submitted by JamieCameron on Mon, 11/16/2009 - 23:40 Comment #5
Ok, I see the problem here .. there's a bug in Webmin's encryption code that happens when the old password encrypted with one method, and the password is then encrypted with a different method.
I will fix this in the next Webmin release.
Submitted by RedKnot on Tue, 11/17/2009 - 01:12 Comment #6
OK thanks!
Submitted by Issues on Wed, 12/02/2009 - 19:19 Comment #7
Automatically closed -- issue fixed for 2 weeks with no activity.