Recently received an operation and development task, need to develop an account management system, on the 3,000 + Linux server root account for the batch system management, to achieve the regular modification of root as a random password and encrypted storage, and to the operation and maintenance of the Web front desk to provide password query decryption interface functions.
At first, I developed a prototype based on Php+ssh2_exec. Basic functions have been achieved, the results of the boss said here the operation of the Victoria I will point a little PHP, the back can not be maintained. I was persuaded, because the writing has been written, is it to be reconstructed?
Back on the line test found that the company has part of the system access to LDAP authentication, PHP ssh2_exec can not work, return to the error of landing failure.
Reluctantly, the last hard to use Python to refactor the system again, and achieve a multithreaded mode, because it is not too Python CGI framework, the use of PHP API interface, so far, basically all done.
Online testing a few days later, found that there is always a server to card for half a day, landing check log is successful, but always card in the revision of the password that step.
So, print the process, found CHPASSWD change password this step error! Caused expect to be stuck.
Look at the error message is:
Chpasswd:pam Authentication failed
The actual landing of this machine, the implementation of CHPASSWD, found that this error is reported.
Try to execute the passwd, also the error:
Passwd:pam_start () failed, error 26
Search for a half-day, but also saw a half-day foreign language case, did not find an appropriate solution. Finally, I saw a similar case in which he checked the error found by checking the/var/log/secure log file.
So, I also try to take a chance, found that there are really records!
In/var/log/secure, I found that I was chpasswd the command was prompted to not find the/etc/pam.conf file. Then go to the other system to see if there is no such document, found that there is no.
In the end, I was helpless, compared to the 2 systems of the/etc directory, let me find the trick! Do not know which boring person to the system/ETC/PAM.D to rename the Pam.d_bak!! I go to you xxx, waste my half a day.
Direct MV Pam.d_bak PAM.D can then perform the echo ' Root:newpassword ' |chpasswd to modify the password.
The reason for this wonderful work is rare, so the problem does not necessarily get the answer in the search engine.
However, when I write this article, deliberately put PAM.D again renamed, CHPASSWD or reported the same mistake, but passwd error has become:
Luo Li said for a long time, the main share of this wonderful case and the solution process. When the search engine can not find the time, then congratulate you become the first crab-eating people, with the benefit of the Internet opportunities, hurriedly solve the problem to share it again ...
At present, I developed the account management system to run well, the follow-up have time to organize and share, perhaps someone needs, please look forward to!
Original from: http://zhangge.net/5077.html