问题
即使密码已过期,系统也无法间歇性地更改用户密码,如下所示安全日志。
尽管密码已更改,但下次登录尝试不会应用新密码。
/var/log/secure ------------- Jan 10 15:26:28 sshd[5999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=lpct-80fffz1.precastcorp.com user=test Jan 10 15:28:01 crond[6274]: pam_unix(crond:account): expired password for user test (password aged) Jan 10 15:39:24 passwd: pam_pwquality(passwd:chauthtok): pam_get_authtok_verify returned error: Failed preliminary check by password service Jan 10 15:39:54 passwd: gkr-pam: couldn't update the login keyring password: no old password was entered Jan 10 15:41:36 passwd: pam_unix(passwd:chauthtok): password changed for test Jan 10 15:41:36 passwd: gkr-pam: couldn't update the login keyring password: no old password was entered 《---- passwd:gkr-pam:无法更新登录 keyring密码:未输入旧密码
on it road.com
解决方案
正在 pam.d 目录中加载的 pam_gnome_keyring.so 模块阻止了密码更改。
按照以下步骤删除 gnome-keyring-pam 包:
# rpm -qa | grep gnome-keyring # yum remove gnome-keyring-pam-[version]
日期:2020-09-17 00:13:05 来源:oir作者:oir