[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Strange behaviour of the passwd command

From: John Summerfield <debian herakles homelinux org>
To: "Red Hat Enterprise Linux 4 (Nahant) Discussion List" <nahant-list redhat com>
Subject: Re: Strange behaviour of the passwd command
Date: Tue, 04 Sep 2007 06:59:22 +0800

Mikko Kortelainen wrote:

John Summerfield kirjoitti:
I can't do that:
root     25123 25122  0 17:58 ?        00:00:00 SCREEN
root     25124 25123  0 17:58 pts/13   00:00:00 /bin/bash
root     25143 25124  0 17:58 pts/13   00:00:00 passwd
Same here, now that I run "passwd" and check the process list. But whenit hanged, PPID was 1. I don't have any screens to prove that, but Ispecifically remember double-checking it. Now that you made me doubt mymemory, I will have to wait until it hangs again.

ppid=1 means its parents quit, right back to init. I won't say it'simpossible, just improbable!

I'm wondering what's attached to stdin.
lsof -c passwd
COMMAND   PID USER   FD   TYPE DEVICE    SIZE    NODE NAME
passwd  24233 root  cwd    DIR    8,7    4096   32065 /root
passwd  24233 root  rtd    DIR    8,7    4096       2 /
passwd  24233 root  txt    REG    8,2   27728   96645 /usr/bin/passwd
passwd 24233 root mem REG 8,7 56902 96220/lib64/libnss_files-2.3.4.sopasswd 24233 root mem REG 8,7 12480 96308/lib64/security/pam_stack.sopasswd 24233 root mem REG 8,7 4560 96245/lib64/security/pam_deny.sopasswd 24233 root mem REG 8,7 12624 96454/lib64/security/pam_env.sopasswd 24233 root mem REG 8,7 54512 96317/lib64/security/pam_unix.sopasswd 24233 root mem REG 8,7 64928 96401/lib64/security/pam_krb5.sopasswd 24233 root mem REG 8,7 19496 96312/lib64/security/pam_succeed_if.sopasswd 24233 root mem REG 8,7 4968 96457/lib64/security/pam_permit.sopasswd 24233 root mem REG 8,7 13960 96241/lib64/security/pam_cracklib.sopasswd 24233 root mem REG 8,2 39736 549171/usr/lib64/libcrack.so.2.7passwd 24233 root mem REG 8,7 20696 96278/lib64/security/pam_limits.sopasswd 24233 root mem REG 8,2 464040 549324/usr/lib64/libkrb5.so.3.2passwd 24233 root mem REG 8,2 145456 549323/usr/lib64/libk5crypto.so.3.0passwd 24233 root mem REG 8,2 14768 549372/usr/lib64/libdes425.so.3.0passwd 24233 root mem REG 8,2 117616 549374/usr/lib64/libkrb4.so.2.0
passwd  24233 root  mem    REG    8,7  105080   96195 /lib64/ld-2.3.4.so
passwd 24233 root mem REG 8,7 1493409 96205/lib64/tls/libc-2.3.4.so
passwd  24233 root  mem    REG    8,7   17943   96243 /lib64/libdl-2.3.4.so
passwd 24233 root mem REG 8,7 13216 96309/lib64/libpam_misc.so.0.77passwd 24233 root mem REG 8,7 91412 96221/lib64/libresolv-2.3.4.sopasswd 24233 root mem REG 8,7 65992 96303/lib64/libaudit.so.0.0.0
passwd  24233 root  mem    REG    8,7   38400   96307 /lib64/libpam.so.0.77
passwd 24233 root mem REG 8,7 62520 96313/lib64/libselinux.so.1passwd 24233 root mem REG 8,7 107187 96209/lib64/libnsl-2.3.4.sopasswd 24233 root mem REG 8,7 10384 96258/lib64/libcom_err.so.2.1passwd 24233 root mem REG 8,2 34144 544217/usr/lib64/libpopt.so.0.0.0passwd 24233 root mem REG 8,7 30070 96250/lib64/libcrypt-2.3.4.sopasswd 24233 root mem REG 8,2 84448 549192/usr/lib64/libuser.so.1.1.1passwd 24233 root mem REG 8,2 560080 546589/usr/lib64/libglib-2.0.so.0.400.7passwd 24233 root mem REG 8,2 14176 546620/usr/lib64/libgmodule-2.0.so.0.400.7passwd 24233 root mem REG 8,2 278184 549327/usr/lib64/libgobject-2.0.so.0.400.7
passwd  24233 root    0u   CHR 136,10              12 /dev/pts/10


This ^ is the critical one, and this is what I expect to see.

passwd  24233 root    1u   CHR 136,10              12 /dev/pts/10
passwd  24233 root    2u   CHR 136,10              12 /dev/pts/10
passwd 24233 root 3u sock 0,4 2159997 can't identifyprotocol
I also don't have much idea: I'm trying to shake the tree untilsomething falls out:-)
Another thing that I remember running is "strace -p <pid>". It didn'tprint anything except "Process <pid> attached - interrupt to quit" - asopposed to when I ran it now, it gave me a "read(0, ". Shouldn't it havegiven me a syscall name if it was waiting on something? I don't reallyknow, I'm not that good with strace.

I was thinking it might be looping over "read(0,...). If yourrecollections of what you did are accurate, I'm out of ideas....

I've tried piping various junk[1] into passwd to see whether I can makeit loop, unsuccessfully - but I'm testing on Scientific linux 5, a RHEL5clone.

1 /dev/null, /dev/zero, "yes yes | tr -d \\\n |" and "yes 'BAD PASSWORD:it does not contain enough DIFFERENT characters'| tr -d \\\n |"







--

Cheers
John

-- spambait
1aaaaaaa coco merseine nu  Z1aaaaaaa coco merseine nu

Please do not reply off-list

Follow-Ups:
- Re: Strange behaviour of the passwd command
  - From: John Haxby

References:
- Strange behaviour of the passwd command
  - From: Mikko Kortelainen
- Re: Strange behaviour of the passwd command
  - From: John Summerfield
- Re: Strange behaviour of the passwd command
  - From: Mikko Kortelainen
- Re: Strange behaviour of the passwd command
  - From: John Summerfield
- Re: Strange behaviour of the passwd command
  - From: Mikko Kortelainen

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]