Eu criei um novo usuário e defini uma senha válida (como root). A conta está funcionando e eu posso acessar localmente / ssh etc.
No entanto, quando logado como usuário, não posso alterar a senha usando passwd . Eu recebo um erro de token de autenticação depois de digitar a senha antiga.
Acredito que seja minha pam config, mas não tenho certeza de onde estou indo errado. Algum conselho? SO é openSUSE 12.1
Pam.d config:
sbc:/etc/pam.d # cat passwd
#%PAM-1.0
auth include common-auth
account include common-account
password include common-password
session include common-session
sbc:/etc/pam.d # cat common-auth
#%PAM-1.0
#
# This file is autogenerated by pam-config. All changes
# will be overwritten.
#
# Authentication-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authentication modules that define
# the central authentication scheme for use on the system
# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
# traditional Unix authentication mechanisms.
#
auth required pam_env.so
auth [success=2] pam_unix2.so
auth required pam_script.so bad log=0
auth requisite pam_deny.so
auth required pam_script.so good log=0
sbc:/etc/pam.d # cat common-account
#%PAM-1.0
#
# This file is autogenerated by pam-config. All changes
# will be overwritten.
#
# Account-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the accountorization modules that define
# the central access policy for use on the system. The default is to
# only deny service to users whose accounts are expired.
#
account required pam_unix2.so
sbc:/etc/pam.d # cat common-password
#%PAM-1.0
#
# This file is autogenerated by pam-config. All changes
# will be overwritten.
#
# Password-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define the services to be
# used to change user passwords.
#
password requisite pam_pwcheck.so debug nullok cracklib maxlen=128 minlen=8 retry=3 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1 remember=12 enforce_for_root
password required pam_unix2.so use_authtok nullok
sbc:/etc/pam.d # cat common-session
#%PAM-1.0
#
# This file is autogenerated by pam-config. All changes
# will be overwritten.
#
# Session-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define tasks to be performed
# at the start and end of sessions of *any* kind (both interactive and
# non-interactive
#
session required pam_limits.so
session required pam_unix2.so
session optional pam_umask.so
session optional pam_systemd.so