Passwd Troubleshooting

From NetworkCommands

Issues with the Linux passwd command are common, particularly after major system changes. This information is particularly useful if you are receiving the error message: passwd: Authentication token manipulation error

This article suggests a number of troubleshooting 'targets' that may help you find the cause.

Check the Logs

The log file name and location will change based on your system

Duplicate Entries

Check that the passwd and shadow files do not have more than one entry for the user account in question.

Shadow File Synchronisation

If a shadow file is used (you'll know as there will be no passwords in the passwd file,) ensure that the user account you are experiencing issues with has an entry in both the /etc/passwd and /etc/shadow files.

Obviously check there is a shadow file at all!

If the files are out of sync or there is no shadow file when there should be;

• Delete the shadow file if it exists (or rename it to shadow.bak so you have a backup)
• Use pwconv to create a new shadow file

Note that these steps remove all existing passwords and you will have to create a password for all the users configured on the system.

File Permissions

Ensure the file: /usr/bin/passwd is executable by all users, permissions are normally: -r-x--x--x

Ensure the password file: /etc/passwd is readable by all users, permissions are normally: -rw-r--r--

Check the root account can read the shadow file: /etc/shadow, permissions are normally: -r--r-----

F5 BigIP Specifics

You must use the mount -a command prior to using this command.

We really do appreciate all feedback so please do send your comments, suggestions or corrections to steve#networkstuff.eu (replacing the # with an @)