From nobody@FreeBSD.org  Sun Nov  4 12:22:11 2007
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 9ECF116A418
	for <freebsd-gnats-submit@FreeBSD.org>; Sun,  4 Nov 2007 12:22:11 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 8DF5F13C4B0
	for <freebsd-gnats-submit@FreeBSD.org>; Sun,  4 Nov 2007 12:22:11 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.1/8.14.1) with ESMTP id lA4CM25W089107
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 4 Nov 2007 12:22:02 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.1/8.14.1/Submit) id lA4CM2eI089104;
	Sun, 4 Nov 2007 12:22:02 GMT
	(envelope-from nobody)
Message-Id: <200711041222.lA4CM2eI089104@www.freebsd.org>
Date: Sun, 4 Nov 2007 12:22:02 GMT
From: "O. Hartmann" <ohartman@zedat.fu-berlin.de>
To: freebsd-gnats-submit@FreeBSD.org
Subject: passwd: incapable of changing LDAP passowrds using passwd in FreeBSD 7.0
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         117812
>Category:       bin
>Synopsis:       passwd(1): incapable of changing LDAP passowrds using passwd in FreeBSD 7.0
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Nov 04 12:30:03 UTC 2007
>Closed-Date:    
>Last-Modified:  Wed Jan 16 04:41:13 UTC 2008
>Originator:     O. Hartmann
>Release:        FreeBSD 7.0-BETA2
>Organization:
FU Berlin/Nugg.ad Predictive Behavioral Targeting
>Environment:
>Description:
trying to change passwords for users located in an OpenLDAP server fails
due to the incapability of passwd() changing passwords via PAM! Also with
chpass() and chsh() which seems not to take PAM into account.

LDAP/OpenLDAP and PAM is now very common over NIS/YP and I can not
understand why FreeBSD as server system is not taking this into account.
>How-To-Repeat:
Try to change password using passwd while user is located in OpenLDAP.
try to change login shell and passowrd via chsh() and chpass() and you'll
fail also.
>Fix:
For passwd() there is a patch around (simply commenting out something
in the checking chain), but it seems to be qucik and dirty.

>Release-Note:
>Audit-Trail:
>Unformatted:
