jailshell users 'passwd' problems

ckrewt

Registered
Dec 22, 2007
3
0
51
Hello Everyone,
First time caller long time listener! :P

I have a problem, I have been giving jailshells out to friends so they can IRC and what not However we have stumbled across a unique bug and im not sure how to fix it, Ive spent the day rummaging around google to no avail and im not sure how to solve it, Maybe you can all help me.

The problem is users on the jailshell environment cannot change there passwords via the shell command "passwd" the permissions of the binary are fine, They can run the application, It asks them for current password and enter there new password twice, It says its all been updated but the new password is never set, It just ends up the password i set for them, Without jailshell users can change there passwords fine, And i can use root to alter there passwords also, Demonstration below:

[[email protected] ~]# adduser testuser -s /usr/local/cpanel/bin/jailshell
[[email protected] ~]# passwd testuser
Changing password for user testuser.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[[email protected] ~]# su testuser
[[email protected] ~]$ passwd
Changing password for user testuser.
Changing password for testuser
(current) UNIX password:
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[[email protected] ~]$ exit
exit
[[email protected] ~]# ssh [email protected]
[email protected]'s password: <password i changed it to on there shell>
Permission denied, please try again.
[email protected]'s password: <original set password>
[[email protected] ~]$

Also if i try to run 'passwd' for a second time after the first failure, I get this:

[email protected]'s password:
[[email protected] ~]$ passwd
Changing password for user testuser.
Changing password for testuser
(current) UNIX password:
passwd: Authentication token manipulation error
[[email protected] ~]$

If anyone has a solution other then not giving users a normal shell i would be a very happy camper :)
 

cPanelKenneth

cPanel Development
Staff member
Apr 7, 2006
4,607
79
458
cPanel Access Level
Root Administrator
The password is only being updated in the chroot environment, rather than the system. You will need to find another way of making the password change, rather than in the jailshell environment.