사용자는 passwd(pam 구성)를 사용하여 비밀번호를 변경할 수 없습니다.

tag-icon tag-icon opensuse authentication pam non-root-user passwd
사용자는 passwd(pam 구성)를 사용하여 비밀번호를 변경할 수 없습니다.

새 사용자를 생성하고 유효한 비밀번호를 루트로 설정했습니다. 계정이 실행 중이며 로컬/ssh 등에 로그인할 수 있습니다.

그러나 해당 사용자로 로그인하면 비밀번호 변경을 사용할 수 없습니다 passwd. 이전 비밀번호를 입력하면 인증 토큰 오류가 발생합니다.

나는 이것이 내 pam구성이라고 생각하지만 어디에서 잘못되고 있는지 잘 모르겠습니다. 어떤 제안이 있으십니까? 운영 체제는openSUSE 12.1

Pam.d 구성:

sbc:/etc/pam.d # cat passwd
#%PAM-1.0
auth     include        common-auth
account  include        common-account
password include        common-password
session  include        common-session

sbc:/etc/pam.d # cat common-auth
#%PAM-1.0
#
# This file is autogenerated by pam-config. All changes
# will be overwritten.
#
# Authentication-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authentication modules that define
# the central authentication scheme for use on the system
# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
# traditional Unix authentication mechanisms.
#
auth    required        pam_env.so
auth    [success=2]     pam_unix2.so
auth    required        pam_script.so   bad     log=0
auth    requisite       pam_deny.so
auth    required        pam_script.so   good    log=0

sbc:/etc/pam.d # cat common-account
#%PAM-1.0
#
# This file is autogenerated by pam-config. All changes
# will be overwritten.
#
# Account-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the accountorization modules that define
# the central access policy for use on the system.  The default is to
# only deny service to users whose accounts are expired.
#
account required        pam_unix2.so

sbc:/etc/pam.d # cat common-password
#%PAM-1.0
#
# This file is autogenerated by pam-config. All changes
# will be overwritten.
#
# Password-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define  the services to be
# used to change user passwords.
#
password        requisite       pam_pwcheck.so  debug nullok cracklib maxlen=128 minlen=8 retry=3 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1 remember=12 enforce_for_root
password        required        pam_unix2.so    use_authtok nullok

sbc:/etc/pam.d # cat common-session
#%PAM-1.0
#
# This file is autogenerated by pam-config. All changes
# will be overwritten.
#
# Session-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define tasks to be performed
# at the start and end of sessions of *any* kind (both interactive and
# non-interactive
#
session required        pam_limits.so
session required        pam_unix2.so
session optional        pam_umask.so
session optional        pam_systemd.so

관련 정보