Re: Change_Passwd 4.2e

>>>>  > General Information:
>>>>  > Fedora 11 Preview
>>>>  > Apache 2.2.11, both user and group are apache
>>>>  > PHP 5.2.9
>>>>  >
>>>>  > Directory Listing of the Plugin Directory (ls -laF)
>>>>  > total 120
>>>>  > drwxr-xr-x  3 root root    4096 2009-05-21 15:58 ./
>>>>  > drwxr-xr-x 22 root root    4096 2009-05-21 12:51 ../
>>>>  > -rwsr-x---  1 root apache 10744 2009-01-03 18:23 chpasswd*
>>>>  > -rw-r--r--  1 root root    7290 2009-01-03 18:23 chpasswd.c
>>>>  > -rw-r--r--  1 root root    1588 2009-05-21 15:54 config.php
>>>>  > -rw-r--r--  1 root root    1587 2009-01-03 18:23 config.php.sample
>>>>  > -rw-r--r--  1 root root   15802 2009-01-03 18:23 COPYING
>>>>  > -rw-r--r--  1 root root     610 2009-01-03 18:23 exec_test.php
>>>>  > -rw-r--r--  1 root root    2068 2009-01-03 18:23 functions.php
>>>>  > -rw-r--r--  1 root root     114 2009-01-03 18:23 getpot
>>>>  > -rw-r--r--  1 root root     466 2009-01-03 18:23 index.php
>>>>  > -rw-r--r--  1 root root    2120 2009-01-03 18:23 INSTALL
>>>>  > -rwxr-xr-x  1 root root    4322 2009-01-03 18:23 ldap-chpasswd*
>>>>  > -rw-r--r--  1 root root    1018 2009-01-03 18:23
>>>> ldap-chpasswd.cfg.sample
>>>>  > drwxr-xr-x  3 root root    4096 2009-01-03 18:23 locale/
>>>>  > -rw-r--r--  1 root root   11997 2009-01-03 18:23 options.php
>>>>  > -rw-r--r--  1 root root    9119 2009-01-03 18:23 README
>>>>  > -rw-r--r--  1 root root    1356 2009-01-03 18:23 setup.php
>>>>  > -rw-r--r--  1 root root      19 2009-01-03 18:23 version
>>>>  >
>>>>  > $seeOutput results:
>>>>  > Current password is incorrect
>>>>  > Command output:
>>>>  > Current password is incorrect
>>>>  > Return code: 9
>>>>  >
>>>>  > $debug results:
>>>>  > cd /usr/local/squirrelmail/www/plugins/change_passwd
>>>>  > ../../plugins/change_passwd/chpasswd '<userid>' '<oldPasswd>'
>>>>  > '<newPasswd>' 2>&1
>>>>  >
>>>>  > When run the above in a console, the result of these commands is:
>>>>  > Current password is incorrect
>>>>
>>>> Are you sure you are really using the same username AND password that
>>>> are in the /etc/passwd or /etc/shadow file??
>>> If you are referring to user input, then yes the userid and password are
>>> in /etc/passwd and /etc/shadow.  If you are referring to the program, I
>>> can only assume that it is so since the variables cited below point to
>>> the correct files.
>>>
>>>>  > Squirrelmail 1.4.17 was installed per the instruction set:
>>>>  > http://squirrelmail.org/docs/admin/admin-3.html#ss3.2
>>>>  > starting at "Prepare SquirrelMail directories" since the other
>>>>  > requirements were already installed from source.
>>>>
>>>> Doesn't sound like a SquirrelMail issue.
>>> I agree since it and the Local_autorespond_forward plugin is working
>>> quite well.
>>>
>>>>  > Plugins installed and configured into Squirrelmail:
>>>>  > Compatibility 2.0.14-1.0
>>>>  > Local_autorespond_forward 3.0.1-1.4.0
>>>>  > Change_passwd 4.2e
>>>>
>>>> I've never heard of this version.  I only support versions that I have
>>>> produced, so you might talk to the author of this plugin version.
>>> Fair enough.
>>>
>>>>  > The CompatibilityDependencies list shows that change_passwd requires
>>>>  > compatibility 1.x, but that "an updated version that works with 2.x is
>>>>  > available from the author."  The latest version I have been able to find
>>>>  > is 4.2e which was released January 4, 2009, per
>>>>  > http://www.linuxmail.info/change_passwd/.
>>>>
>>>> Then you should ask for help there.  "Available from the author"
>>>> usually means you have to ask the author for a copy of that "updated
>>>> version."  I can give you mine.
>>> Again, fair enough.  If you have a version of the plugin which works
>>> with Compatibility 2.0.14-1.0, I would love to know how to get it.
>>> Until then, I think that the line 165 advice below will be moot.
>>>>  > I have searched the email lists (all four) and found something from Mr.
>>>>  > Lesniewski that states to recompile the binary.  Per the head of the C
>>>>  > file, I have even attempted a recompile of the code using both versions
>>>>  > contained with the C file... as well as compiling per the bottom of:
>>>>  >
>>>>  > http://www.linuxmail.info/squirrelmail-change-password-howto/
>>>>  >
>>>>  > The C file does show that PASSWD is /etc/passwd and SHADOW is
>>>>  > /etc/shadow, both of which are correct.
>>>>
>>>> Again, I don't know what the code is you have, but in my code, in
>>>> chpasswd.c around line 165, I see this:
>>>>
>>>>                                         printf("Current password is
>>>> incorrect\n");
>>>>                                         //printf("Current password
>>>> \"%s\" is incorrect; encrypted, it is \"%s\", but encrypting the given
>>>> one results in \"%s\"\n", Old_pw, WOld_pw, (char *)crypt(Old_pw,
>>>> WOld_pw));
>>>>
>>>> Try uncommenting the second line and see what you get while doublt
>>>> checking against the users in the password file.  The problem is that
>>>> your version of the program is getting something else from the
>>>> password file other than what you are giving it.
>
>
> With Change_passwd-4.3beta1-1.2.8
>
>
> Trying the binary tarballed with the plugin:
>
> Without $seeOutput or $debug
> Your current password is not correct
>
>
> With $seeOutput:
> Your current password is not correct
> Command output:
> Current password is incorrect
> Return code: 9
>
>
> With $debug:
> Permissions of chpasswd executable are: 104750
>
> chpasswd has group ownership: apache
> Your web server is running under group: apache
>
> chpasswd is owned by: root
>
> To test the chpasswd utility from the command line, do this:
>
> cd /usr/local/squirrelmail/www/plugins/change_passwd
> ../../plugins/change_passwd/chpasswd '<userid>' '<oldPass>' '<newPass>' 2>&1
>
> The results of the commandline are:
> Your current password is not correct
>
> ----------------------------------------
>
> Trying with compiled binary with line 165 per the head of the C source
> file:  Same results as above
>
> ----------------------------------------
>
> Trying with compiled binary with line 166:
>
> Without $seeOutput or $debug
> Your current password is not correct
>
>
> With $seeOutput:
> Your current password is not correct
> Command output:
> Current password "Urp1eH1Ur8FUDrJOkV9euwkcz8hL4r9cqjXjm6d//T.H.DS." is
> incorrect; encrypted, it is
> "$6$UfewSJUs$FtqVH/gkfh7wcrL/RCEw02blat1AAujDbsAvVvUrp1eH1Ur8FUDrJOkV9euwkcz8hL4r9cqjXjm6d//T.H.DS.",
> but encrypting the given one results in
> "$6$UfewSJUs$ZrKKZV4Gx/fh8eljjuDmKDwJf3bN3KCROx2RzWIdUJoZUZ08I1tkhcfdHsRQBPocN1Rgsc04lQZUs.y7c4gv01"
> Return code: 9

> With $debug:
> Permissions of chpasswd executable are: 104750
>
> chpasswd has group ownership: apache
> Your web server is running under group: apache
>
> chpasswd is owned by: root
>
> To test the chpasswd utility from the command line, do this:
>
> cd /usr/local/squirrelmail/www/plugins/change_passwd
> ../../plugins/change_passwd/chpasswd '<userid>' '<oldPass>' '<newPass>' 2>&1
>
> The results of the commandline are:
> Current password "Urp1eH1Ur8FUDrJOkV9euwkcz8hL4r9cqjXjm6d//T.H.DS." is
> incorrect; encrypted, it is
> "$6$UfewSJUs$FtqVH/gkfh7wcrL/RCEw02blat1AAujDbsAvVvUrp1eH1Ur8FUDrJOkV9euwkcz8hL4r9cqjXjm6d//T.H.DS.",
> but encrypting the given one results in
> "$6$UfewSJUs$ZrKKZV4Gx/fh8eljjuDmKDwJf3bN3KCROx2RzWIdUJoZUZ08I1tkhcfdHsRQBPocN1Rgsc04lQZUs.y7c4gv01"
>
> ----------------------------------------
>
> I have ssh'ed into the mail server and changed the password to the new
> one and then back to the old one successfully.  I have also performed a
> passwd on the user in question so that a new MD5 for the original
> password would be generated for this user.  The results (encryption
> notwithstanding) are the same.
>
>
>>>>
>>>>  > When the error occurs, nothing changes in either /var/log/messages,
>>>>  > /var/log/maillog, or /var/log/secure.
>>>>  >
>>>>  > I have turned off SELinux prior to troubleshooting this concern.
>>>>  >
>>>>  > Is there something I'm missing?
>>>>  >
>>>>  > Many thanks for your time and help with this.
>>>>
>>>>
>>> Reiteration of the thanks for your time.
>>>
>>> Steven