--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: libpam-unix2: (wishlist) make it clearer that the wrong password was entered
- From: Vincent McIntyre <vincent.mcintyre@csiro.au>
- Date: Thu, 4 Jul 2013 15:37:21 +1000
- Message-id: <20130704053721.GJ4049@mayhem.atnf.CSIRO.AU>
Package: libpam-unix2
Version: 1:2.4.1-4
Severity: wishlist
Tags: patch
*** Please type your report below this line ***
Hi
I am using this module to help users change passwords on a mixed file & NIS
system.
If they happen to enter the wrong string for the old password, they get a
somewhat
inscrutable message:
% passwd
Old Password:
passwd: Authentication token manipulation error
passwd: password unchanged
Which usually leads them to keep trying the same, wrong, password.
Unless there is some way to configure PAM to give a friendlier error message
than the default text for PAM_AUTHTOK_ERR, the patch below would fix the
problem for me.
Patch is against 1:2.6-1, but I compiled & tested with 1:2.4.1-4.
debian/patches/07_wrong_pass_warning.diff
--- a/src/unix_passwd.c
+++ b/src/unix_passwd.c
@@ -257,6 +257,8 @@
if ((getuid () || (flags & PAM_CHANGE_EXPIRED_AUTHTOK)) && strcmp
(data->oldpassword,
crypt_r (oldpass, data->oldpassword, &output)) != 0)
{
+ __write_message (pamh, flags, PAM_ERROR_MSG,
+ _("Wrong password."));
if (options.debug)
pam_syslog (pamh, LOG_DEBUG,
"old password is wrong -> abort.");
-- System Information:
Debian Release: 6.0.7
APT prefers oldstable
APT policy: (990, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages libpam-unix2 depends on:
ii libc6 2.11.3-4 Embedded GNU C Library: Shared lib
ii libpam0g 1.1.1-6.1+squeeze1 Pluggable Authentication Modules l
ii libxcrypt1 1:2.4-1 Crypt library for DES, MD5, and bl
libpam-unix2 recommends no packages.
libpam-unix2 suggests no packages.
-- no debconf information
--- End Message ---