|
| From: | Javier Fernandez-Sanguino |
| Subject: | Re: [Tiger-user] prompted for password change |
| Date: | Fri, 27 Jun 2003 01:25:01 +0200 |
| User-agent: | Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.0.2) Gecko/20021120 Netscape/7.01 |
Cox, Michael wrote:
Here's all of the on-screen output from the time I run it to the time I am asked to change the password: Tiger UN*X security checking system Developed by Texas A&M University, 1994 Updated by the Advanced Research Corporation, 1999 Further updated by Javier Fernandez-Sanguino, 2001-2003 Covered by the GNU General Public License (GPL) Configuring...Will try to check using config for 'unknown' running Linux 2.4.21-0.13mdk...--CONFIG-- [con005c] Using configuration files for Linux 2.4.21-0.13mdk. Using configuration files for generic Linux 2. Not all checks may be performed. Tiger security scripts *** 3.2, 2003.09.05.22.00 *** 17:09> Beginning security report for xxx.xxx.xxx. New UNIX password:
That doesn't look too good. It seems that something is executing the 'passwd' program. It also seems to be related to the first checks that get executed, this could be very well be gen_passwd_sets. It calls, for example "$YPCAT passwd". If YPCAT is undefined (which is not tested beforehand, and that's a bug) then the 'passwd' program will be called. It might be the case that your system does _not_ have YPCAT and Tiger executes the passwd program because of this mistake.
Could you please send (in private mail if you wish) the output of doing 'sh -x tiger 2>&1' and your tigerrc configuration file?
Thanks Javi
| [Prev in Thread] | Current Thread | [Next in Thread] |