Bug 730

Summary: Pwexp does not work with nisplus
Product: Portable OpenSSH Reporter: Stefan Sundman <stefan>
Component: Build systemAssignee: Darren Tucker <dtucker>
Status: CLOSED DUPLICATE    
Severity: normal    
Priority: P2    
Version: -current   
Hardware: SPARC   
OS: Solaris   
Attachments:
Description Flags
sshd -ddd none

Description Stefan Sundman 2003-10-06 22:06:30 AEST 
After havning some problems with password expire on a standalone system (see
Bugid 723) a finally got it together and installed it on a NISPLUS system.

Now i'm back to square one, havning the same problem again, though it works with
non-nisplus machines. 

For more detailed information and errors see
http://bugzilla.mindrot.org/show_bug.cgi?id=723
Comment 1 Darren Tucker 2003-10-06 22:52:44 AEST 
I've never tried the patch with NIS+.

Please attach (note: create attachment not paste into comment) full server-side 
debug (ie "sshd -ddd") for your NIS+ system.  Are you using PAM or not?

Reassigning to me since pwexp isn't part of the main distribution.
Comment 2 Darren Tucker 2003-10-07 17:16:24 AEST 
Is this a dup of bug #695?
Comment 3 Stefan Sundman 2003-10-07 20:37:30 AEST 
Created attachment 478 [details]
sshd -ddd

This is a sshd -ddd from the machine
Comment 4 Darren Tucker 2003-10-07 21:34:02 AEST 
Is HAS_SHADOW_EXPIRE set in config.h?
Comment 5 Stefan Sundman 2003-10-07 21:37:22 AEST 
Yes, it works on a standalone system.
Comment 6 Darren Tucker 2003-10-07 21:42:42 AEST 
If the expiry info doesn't show in the shadow info (and it doesn't appear to in
the debug) then sshd won't know the password is expired.  A couple of suggestions:

Are you using 3.7.1p2?  If not please try it.
Try enabling UsePAM and disabling PasswordAuthentication.
Comment 7 Darren Tucker 2003-11-20 00:05:47 AEDT 
Please try openssh-3.7.1p2 + pwexp26.  There's hooks in there for PAM password
changes via SSH2 keyboard-interactive.

http://www.zip.com.au/~dtucker/openssh/openssh-3.7.1p2-pwexp26.patch
Comment 8 Darren Tucker 2004-01-24 18:46:55 AEDT 
Cleaning up open bugs: this one appears to be covered by bug #695.

*** This bug has been marked as a duplicate of 695 ***
Comment 9 Stefan Sundman 2004-03-17 19:51:08 AEDT 
Did the trick, thanks!
Comment 10 Darren Tucker 2004-03-17 23:58:11 AEDT 
Was that attachment #503 [details] in bug #695 that resolved your problem?  I'd just like
confirmation so I can close 695 too.
Comment 11 Stefan Sundman 2004-03-18 01:30:35 AEDT 
Don't know about #695? The soloution was in comment #7 (pwexp-26)