summary: broken yppasswd Solaris 2.x

From: LaCoursiere J. D. (
Date: Tue Nov 01 1994 - 22:28:16 CST

Original problem:
        A few users complained when attempting to change their passwords
        on Solaris 2.3 machines in our net. It would spit out an error
        like "changing NIS passwd for xxx, permission denied", where xxx
        would be _someone else's_ account name.

        xterm and a broken utmp scheme were the culprits. Apparently
        when xterm exits on a Solaris 2.x box it leaves its pty entry
        in utmp. This can be confirmed by starting up an xterm, noting
        its pty (with the 'tty' command), then quitting it. Check from
        another session and you will see (with 'who') that the pty is
        still shown as "in use", even though the xterm is dead. The next
        person that logs into the machine via the net will get the "used"
        pty, but will be at the end of the utmp file. When this person
        attempts "yppasswd", a call is made to getlogin(), which looks
        up the user name via matching the first entry in the utmp that
        contains the same tty. In this case, you get the name of the user
        that had started the original xterm. When yppasswd attempts to
        change the password of this user, it bombs with permission denied.

        several people suggested patches, but none knew if they worked or
        not. Upon research of one suggested patch (101318-59), an admin
        warned that when he installed it it broke NFS (ACK!). One admin
        submitted a hack called "utmpd" that scans the utmp file every
        15 seconds and nukes invalid entries. This works GREAT! This will
        be our solution until Sun gets in gear.

Thanks to:
        (and one more that I am pretty certain I deleted by mistake :-<)

Jeff LaCoursiere
Network Admin
Ft. Worth, TX



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:09:13 CDT