Menu

#4338 Webmin login -> change expired password fails

1.670
closed-fixed
nobody
None
5
2014-02-14
2014-01-03
TJ Maciak
No

When I have pass_maxdays set and the users password is > older than the value of pass_maxdays then it will prompt the user to change their password at the login screen (great feature!). However it gives me the following error (see attachment) after I enter the existing password and type in the new password twice. The odd thing about this is with debugging on, clearly it shows me that the password I typed in originally to tell me my password is expired, is "valid" according to the debug logs.

1 Attachments
Screen Shot 2014-01-03 at 11.52.34 AM.png

Related

Bugs: #4338

Discussion

  • Jamie Cameron

    Jamie Cameron - 2014-01-03

    Could you also post the debug logs? I'd like to see the output that indicates that the password is actually valid.

     

    • TJ Maciak

      TJ Maciak - 2014-01-03

      From: TJ Maciak maciaktj@gvsu.edu
      Date: Friday, January 3, 2014 5:31 PM
      To: "[webadmin:bugs]" 4338@bugs.webadmin.p.re.sf.net
      Subject: Re: [webadmin:bugs] #4338 Webmin login -> change expired password fails

      Sure. I am posting the output, both of the initial login (which then prompts me for changing my password because its too old) as well as for the process of myself changing the password (where it gives the error message I put in a screen capture earlier).

      [START]
      main: Starting handle_request loop pid=53151
      handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
      handle_request: passed IP checks
      handle_request: passed timeout check
      handle_request reqline=POST /session_login.cgi HTTP/1.1
      handle_request: got headline Host: www.testweb.com:11111
      handle_request: got headline User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:26.0) Gecko/20100101 Firefox/26.0
      handle_request: got headline Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
      handle_request: got headline Accept-Language: en-US,en;q=0.5
      handle_request: got headline Accept-Encoding: gzip, deflate
      handle_request: got headline Referer: https://www.testweb.com:11111/
      handle_request: got headline Cookie: testing=1; sid=x; sessiontest=1
      handle_request: got headline Connection: keep-alive
      handle_request: got headline Content-Type: application/x-www-form-urlencoded
      handle_request: got headline Content-Length: 44
      clen_read=44 clen=44 posted_data=44
      handle_request: posted_data=page=%2F&user=test_user&pass=password
      handle_request: Need authentication
      validate_user: user=test_user pass=password host=www.testweb.com
      validate_user: canuser=test_user canmode=1 notexist=0 webminuser=test_user sudo=
      main: Starting handle_request loop pid=53152
      handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
      validate_user: Password is valid lc=1383772368 pass_maxdays=30
      maxdays=30 daysold=58.0512384259259 temppass=
      handle_login: requesting delay vu=test_user acptip=10.10.1.95 ok=1
      main: inline delay test_user 10.10.1.95 1
      handle_login: delay=0 blocked=0
      handle_request: page=/password_form.cgi simple=/password_form.cgi
      handle_request: passed IP checks
      handle_request: initial full=
      handle_request: full=/usr/libexec/webmin/password_form.cgi
      handle_request: executing CGI
      REMOTE_USER =
      BASE_REMOTE_USER =
      main: Done handle_request loop pid=53151
      main: inline EOF
      handle_request: passed timeout check
      handle_request reqline=
      handle_request: invalid reqline=
      main: inline EOF

      main: Starting handle_request loop pid=53166
      handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
      handle_request: passed IP checks
      handle_request: passed timeout check
      handle_request reqline=POST /password_change.cgi HTTP/1.1
      handle_request: got headline Host: www.testweb.com:11111
      handle_request: got headline User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:26.0) Gecko/20100101 Firefox/26.0
      handle_request: got headline Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
      handle_request: got headline Accept-Language: en-US,en;q=0.5
      handle_request: got headline Accept-Encoding: gzip, deflate
      handle_request: got headline Referer: https://www.testweb.com:11111/session_login.cgi
      handle_request: got headline Cookie: testing=1; sid=x; sessiontest=1
      handle_request: got headline Connection: keep-alive
      handle_request: got headline Content-Type: application/x-www-form-urlencoded
      handle_request: got headline Content-Length: 90
      clen_read=90 clen=90 posted_data=90
      handle_request: posted_data=user=test_user&pam=1&expired=1&old=password&new1=newPassword&new2=newPassword
      handle_request: Need authentication
      handle_request: page=/password_change.cgi simple=/password_change.cgi
      handle_request: initial full=
      handle_request: full=/usr/libexec/webmin/password_change.cgi
      handle_request: executing CGI
      REMOTE_USER =
      BASE_REMOTE_USER =
      main: Starting handle_request loop pid=53168
      handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
      handle_request: passed IP checks
      main: Starting handle_request loop pid=53170
      handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
      handle_request: passed IP checks
      main: Starting handle_request loop pid=53171
      handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
      handle_request: passed IP checks
      main: inline EOF
      [END]
      --

      T.J. Maciak, M.S. C.I.S.
      Senior Programmer, Community Research Institute
      Johnson Center for Philanthropy
      Grand Valley State University
      616-331-7029
      http://www.cridata.org

       

    • TJ Maciak

      TJ Maciak - 2014-01-03

      Sure. I am posting the output, both of the initial login (which then prompts me for changing my password because its too old) as well as for the process of myself changing the password (where it gives the error message I put in a screen capture earlier).

      [START]
      main: Starting handle_request loop pid=53151
      handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
      handle_request: passed IP checks
      handle_request: passed timeout check
      handle_request reqline=POST /session_login.cgi HTTP/1.1
      handle_request: got headline Host: www.testweb.com:11111
      handle_request: got headline User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:26.0) Gecko/20100101 Firefox/26.0
      handle_request: got headline Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
      handle_request: got headline Accept-Language: en-US,en;q=0.5
      handle_request: got headline Accept-Encoding: gzip, deflate
      handle_request: got headline Referer: https://www.testweb.com:11111/
      handle_request: got headline Cookie: testing=1; sid=x; sessiontest=1
      handle_request: got headline Connection: keep-alive
      handle_request: got headline Content-Type: application/x-www-form-urlencoded
      handle_request: got headline Content-Length: 44
      clen_read=44 clen=44 posted_data=44
      handle_request: posted_data=page=%2F&user=test_user&pass=password
      handle_request: Need authentication
      validate_user: user=test_user pass=password host=www.testweb.com
      validate_user: canuser=test_user canmode=1 notexist=0 webminuser=test_user sudo=
      main: Starting handle_request loop pid=53152
      handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
      validate_user: Password is valid lc=1383772368 pass_maxdays=30
      maxdays=30 daysold=58.0512384259259 temppass=
      handle_login: requesting delay vu=test_user acptip=10.10.1.95 ok=1
      main: inline delay test_user 10.10.1.95 1
      handle_login: delay=0 blocked=0
      handle_request: page=/password_form.cgi simple=/password_form.cgi
      handle_request: passed IP checks
      handle_request: initial full=
      handle_request: full=/usr/libexec/webmin/password_form.cgi
      handle_request: executing CGI
      REMOTE_USER =
      BASE_REMOTE_USER =
      main: Done handle_request loop pid=53151
      main: inline EOF
      handle_request: passed timeout check
      handle_request reqline=
      handle_request: invalid reqline=
      main: inline EOF

      main: Starting handle_request loop pid=53166
      handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
      handle_request: passed IP checks
      handle_request: passed timeout check
      handle_request reqline=POST /password_change.cgi HTTP/1.1
      handle_request: got headline Host: www.testweb.com:11111
      handle_request: got headline User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:26.0) Gecko/20100101 Firefox/26.0
      handle_request: got headline Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
      handle_request: got headline Accept-Language: en-US,en;q=0.5
      handle_request: got headline Accept-Encoding: gzip, deflate
      handle_request: got headline Referer: https://www.testweb.com:11111/session_login.cgi
      handle_request: got headline Cookie: testing=1; sid=x; sessiontest=1
      handle_request: got headline Connection: keep-alive
      handle_request: got headline Content-Type: application/x-www-form-urlencoded
      handle_request: got headline Content-Length: 90
      clen_read=90 clen=90 posted_data=90
      handle_request: posted_data=user=test_user&pam=1&expired=1&old=password&new1=newPassword&new2=newPassword
      handle_request: Need authentication
      handle_request: page=/password_change.cgi simple=/password_change.cgi
      handle_request: initial full=
      handle_request: full=/usr/libexec/webmin/password_change.cgi
      handle_request: executing CGI
      REMOTE_USER =
      BASE_REMOTE_USER =
      main: Starting handle_request loop pid=53168
      handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
      handle_request: passed IP checks
      main: Starting handle_request loop pid=53170
      handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
      handle_request: passed IP checks
      main: Starting handle_request loop pid=53171
      handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
      handle_request: passed IP checks
      main: inline EOF
      [END]
      --

      T.J. Maciak, M.S. C.I.S.
      Senior Programmer, Community Research Institute
      Johnson Center for Philanthropy
      Grand Valley State University
      616-331-7029
      http://www.cridata.org

      From: Jamie Cameron jcameron@users.sf.netamp#106;amp#99;amp#97;amp#109;amp#101;amp#114;amp#111;amp#110;amp#64;amp#117;amp#115;amp#101;amp#114;amp#115;amp#46;amp#115;amp#102;amp#46;amp#110;amp#101;amp#116;
      Reply-To: "[webadmin:bugs]" 4338@bugs.webadmin.p.re.sf.netamp#52;amp#51;amp#51;amp#56;amp#64;amp#98;amp#117;amp#103;amp#115;amp#46;amp#119;amp#101;amp#98;amp#97;amp#100;amp#109;amp#105;amp#110;amp#46;amp#112;amp#46;amp#114;amp#101;amp#46;amp#115;amp#102;amp#46;amp#110;amp#101;amp#116;
      Date: Friday, January 3, 2014 5:23 PM
      To: "[webadmin:bugs]" 4338@bugs.webadmin.p.re.sf.netamp#52;amp#51;amp#51;amp#56;amp#64;amp#98;amp#117;amp#103;amp#115;amp#46;amp#119;amp#101;amp#98;amp#97;amp#100;amp#109;amp#105;amp#110;amp#46;amp#112;amp#46;amp#114;amp#101;amp#46;amp#115;amp#102;amp#46;amp#110;amp#101;amp#116;
      Subject: [webadmin:bugs] #4338 Webmin login -> change expired password fails

      Could you also post the debug logs? I'd like to see the output that indicates that the password is actually valid.

      [bugs:#4338] Webmin login -> change expired password fails

      Status: open
      Created: Fri Jan 03, 2014 05:20 PM UTC by TJ Maciak
      Last Updated: Fri Jan 03, 2014 05:20 PM UTC
      Owner: nobody

      When I have pass_maxdays set and the users password is > older than the value of pass_maxdays then it will prompt the user to change their password at the login screen (great feature!). However it gives me the following error (see attachment) after I enter the existing password and type in the new password twice. The odd thing about this is with debugging on, clearly it shows me that the password I typed in originally to tell me my password is expired, is "valid" according to the debug logs.

      Sent from sourceforge.net because you indicated interest in https://sourceforge.net/p/webadmin/bugs/4338/

      To unsubscribe from further messages, please visit https://sourceforge.net/auth/subscriptions/

       

      Related

      Bugs: #4338

      alternate

  • TJ Maciak

    TJ Maciak - 2014-01-03

    I replied to the email, not sure if it will go through and attach to this ticket, but I am leaving work soon for the weekend and I wanted to make sure you received the information. If this gets posted twice I apologize.

    From: TJ Maciak maciaktj@gvsu.edu
    Date: Friday, January 3, 2014 5:31 PM
    To: "[webadmin:bugs]" 4338@bugs.webadmin.p.re.sf.net
    Subject: Re: [webadmin:bugs] #4338 Webmin login -> change expired password fails

    Sure. I am posting the output, both of the initial login (which then prompts me for changing my password because its too old) as well as for the process of myself changing the password (where it gives the error message I put in a screen capture earlier).

    [START]
    main: Starting handle_request loop pid=53151
    handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
    handle_request: passed IP checks
    handle_request: passed timeout check
    handle_request reqline=POST /session_login.cgi HTTP/1.1
    handle_request: got headline Host: www.testweb.com:11111
    handle_request: got headline User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:26.0) Gecko/20100101 Firefox/26.0
    handle_request: got headline Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
    handle_request: got headline Accept-Language: en-US,en;q=0.5
    handle_request: got headline Accept-Encoding: gzip, deflate
    handle_request: got headline Referer: https://www.testweb.com:11111/
    handle_request: got headline Cookie: testing=1; sid=x; sessiontest=1
    handle_request: got headline Connection: keep-alive
    handle_request: got headline Content-Type: application/x-www-form-urlencoded
    handle_request: got headline Content-Length: 44
    clen_read=44 clen=44 posted_data=44
    handle_request: posted_data=page=%2F&user=test_user&pass=password
    handle_request: Need authentication
    validate_user: user=test_user pass=password host=www.testweb.com
    validate_user: canuser=test_user canmode=1 notexist=0 webminuser=test_user sudo=
    main: Starting handle_request loop pid=53152
    handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
    validate_user: Password is valid lc=1383772368 pass_maxdays=30
    maxdays=30 daysold=58.0512384259259 temppass=
    handle_login: requesting delay vu=test_user acptip=10.10.1.95 ok=1
    main: inline delay test_user 10.10.1.95 1
    handle_login: delay=0 blocked=0
    handle_request: page=/password_form.cgi simple=/password_form.cgi
    handle_request: passed IP checks
    handle_request: initial full=
    handle_request: full=/usr/libexec/webmin/password_form.cgi
    handle_request: executing CGI
    REMOTE_USER =
    BASE_REMOTE_USER =
    main: Done handle_request loop pid=53151
    main: inline EOF
    handle_request: passed timeout check
    handle_request reqline=
    handle_request: invalid reqline=
    main: inline EOF

    main: Starting handle_request loop pid=53166
    handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
    handle_request: passed IP checks
    handle_request: passed timeout check
    handle_request reqline=POST /password_change.cgi HTTP/1.1
    handle_request: got headline Host: www.testweb.com:11111
    handle_request: got headline User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:26.0) Gecko/20100101 Firefox/26.0
    handle_request: got headline Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
    handle_request: got headline Accept-Language: en-US,en;q=0.5
    handle_request: got headline Accept-Encoding: gzip, deflate
    handle_request: got headline Referer: https://www.testweb.com:11111/session_login.cgi
    handle_request: got headline Cookie: testing=1; sid=x; sessiontest=1
    handle_request: got headline Connection: keep-alive
    handle_request: got headline Content-Type: application/x-www-form-urlencoded
    handle_request: got headline Content-Length: 90
    clen_read=90 clen=90 posted_data=90
    handle_request: posted_data=user=test_user&pam=1&expired=1&old=password&new1=newPassword&new2=newPassword
    handle_request: Need authentication
    handle_request: page=/password_change.cgi simple=/password_change.cgi
    handle_request: initial full=
    handle_request: full=/usr/libexec/webmin/password_change.cgi
    handle_request: executing CGI
    REMOTE_USER =
    BASE_REMOTE_USER =
    main: Starting handle_request loop pid=53168
    handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
    handle_request: passed IP checks
    main: Starting handle_request loop pid=53170
    handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
    handle_request: passed IP checks
    main: Starting handle_request loop pid=53171
    handle_request: from 10.10.1.95 to 10.10.2.164 ipv6=0
    handle_request: passed IP checks
    main: inline EOF
    [END]
    --

    T.J. Maciak, M.S. C.I.S.
    Senior Programmer, Community Research Institute
    Johnson Center for Philanthropy
    Grand Valley State University
    616-331-7029
    http://www.cridata.org

     

  • Jamie Cameron

    Jamie Cameron - 2014-01-04
    • status: open --> closed-fixed
     

  • Jamie Cameron

    Jamie Cameron - 2014-02-14

    Yes, it should have been fixed in 1.670.

    If you are still seeing this issue, please provide details about the error you are seeing and the password age you have set.

     

Log in to post a comment.

MongoDB Logo MongoDB
Gen AI apps are built with MongoDB Atlas
Atlas offers built-in vector search and global availability across 125+ regions. Start building AI apps faster, all in one place.
Try Free →