Re: pam_ldap and passwd

From: Clement Laforet <sheepkiller_at_cultdeadsheep.org> Date: Mon, 24 Nov 2003 12:13:05 +0100 · This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:30 UTC

On Mon, 24 Nov 2003 10:39:16 +0100
Yuri Khotyaintsev <yuri_at_irfu.se> wrote:

> I have a server where I use pam_ldap and nss_ldap. Everything works
> fine except for changing passwords:
> 
> [user_at_ice][~]# passwd
> passwd: Sorry, `passwd' can only change passwords for local or NIS
> users.
> 
> As I understand pam_ldap supports changing LDAP passwords. Is it
> supposed to work on FreeBSD ?

according to src/usr.bin/passwd/passwd.c:
...
        /* check where the user's from */
        switch (pwd->pw_fields & _PWF_SOURCE) {
        case _PWF_FILES:
                fprintf(stderr, "Changing local password for %s\n",
                    pwd->pw_name);
                break;
        case _PWF_NIS:
                fprintf(stderr, "Changing NIS password for %s\n",
                    pwd->pw_name);
                break;
        default:
                /* XXX: Green men ought to be supported via PAM. */
                errx(1, 
          "Sorry, `passwd' can only change passwords for local or NIS users.");
        }
...

If you change default: behaviour you CAN change your password. Currently,
passwd is not fully PAM-aware. 

clem