33440 2017-05-01 12:48:36 +0300 passwd without username changes password for another user under su - 2018-07-02 02:05:01 +0300 1 1 4 Development Sisyphus passwd unstable all Linux CLOSED FIXED P3 enhancement --- 33439 1 imz ldv ldv placeholder qa-sisyphus oldest_to_newest 163508 0 imz 2017-05-01 12:48:36 +0300 The same happens on Sisyphus: [root@dd2 ~]# rpm -qf "$(which passwd)" "$(which su)" passwd-1.0.13-alt1.x86_64 su-0.60-alt35.x86_64 [root@dd2 ~]# apt-cache depends passwd | sed -nre 's:^ ::p' | sort -u control-0.7.6-alt1 glibc-core-6:2.25-alt2 libpam0-1.3.0-alt1 pam-config-1.7.0-alt1 pam0-config-1.7.0-alt1 sh-3.2.57-alt1 tcb-utils-1.1-alt1 [root@dd2 ~]# +++ This bug was initially created as a clone of Bug #33439 +++ $ rpm -qf "$(which passwd)" "$(which su)" passwd-1.0.13-alt1 su-0.60-alt34 $ apt-cache depends passwd | sed -nre 's:^ ::p' | sort -u control-0.7.6-alt1 glibc-core-6:2.23-alt3 libpam0-1.3.0-alt1 pam0-config-1.7.0-alt1 pam-config-1.7.0-alt1 sh-3.2.57-alt1 tcb-utils-1.1-alt1 $ I expect to change the password for root, but passwd without username changes password for another user under "su -": imz@rollerderby ~ $ su - Password: rollerderby ~ # passwd passwd: updating all authentication tokens for user imz. ... (First, I didn't notice that the username is written in the message and couldn't understand what was happening!) 163509 1 imz 2017-05-01 12:55:13 +0300 I've checked this on old systems. The behavior is the same. Perhaps, this is not a bug, but an old feature... 163510 2 imz 2017-05-01 13:00:15 +0300 But the behavior is like I expected (i.e., different from ALT) on a RHEL7.2-clone: {box} [user@dd1 ~]$ su - Password: Last login: Thu Apr 27 18:08:58 MSK 2017 from gateway on pts/1 {box} [root@dd1 ~]# passwd Changing password for user root. New password: {box} [root@dd1 ~]# cat /etc/os-release NAME="Scientific Linux" VERSION="7.2 (Nitrogen)" ID="rhel" ID_LIKE="fedora" VERSION_ID="7.2" PRETTY_NAME="Scientific Linux 7.2 (Nitrogen)" ANSI_COLOR="0;31" CPE_NAME="cpe:/o:scientificlinux:scientificlinux:7.2:GA" HOME_URL="http://www.scientificlinux.org//" BUG_REPORT_URL="mailto:scientific-linux-devel@listserv.fnal.gov" REDHAT_BUGZILLA_PRODUCT="Scientific Linux 7" REDHAT_BUGZILLA_PRODUCT_VERSION=7.2 REDHAT_SUPPORT_PRODUCT="Scientific Linux" REDHAT_SUPPORT_PRODUCT_VERSION="7.2" {box} [root@dd1 ~]# rpm -qf "$(which passwd)" "$(which su)" passwd-0.79-4.el7.x86_64 util-linux-2.23.2-26.el7.x86_64 {box} [root@dd1 ~]# 163511 3 ldv 2017-05-01 13:04:09 +0300 (In reply to comment #1) > I've checked this on old systems. The behavior is the same. Perhaps, this is > not a bug, but an old feature... Yes, quite old. It's the name returned by getlogin(3) and printed by logname(1). 163512 4 imz 2017-05-01 13:14:21 +0300 From http://openbsd-archive.7691.n7.nabble.com/passwd-without-argument-in-sudo-td274304.html : > when I 'sudo su - ' into a root shell and issue a 'passwd' without a > username > argument, then it does not try to change the passwd for the current user (in > this case root) but for the user from which I issued the 'sudo'. This is because passwd changes the password for the logged in user by default, as returned by the logname system call. You can run the logname command to see that this is not changed when you run su. It's probably worth mentioning this in the passwd manual as it does seem to cause some confusion. -------- But on the RHEL7.2-clone the user reported by logname and the user the password is changed for (root, as expected) are different: {box} [root@dd1 ~]# logname user {box} [root@dd1 ~]# passwd Changing password for user root. New password: {box} [root@dd1 ~]# Such a difference in the behavior between different distributions is confusing, isn't it? But I don't know what a good solution could be... Like here http://lists.suckless.org/hackers/1407/5172.html : "allow passwd without argument, prompt which user password is changed" 163515 5 imz 2017-05-01 15:53:54 +0300 This was discussed already in the beginning of 2003 -- https://lists.altlinux.org/pipermail/sisyphus/2003-February/238619.html . Perhaps, to avoid confusion, the invocation without an argument should be simply disallowed (for /usr/sbin/passwd, i.e., for root, who can easily change the password for another user by mistake). 172358 6 repository-robot 2018-07-02 02:05:01 +0300 passwd-1.0.14-alt1 -> sisyphus: Sun Jul 01 2018 Dmitry V. Levin <ldv@altlinux> 1.0.14-alt1 - Refuse to change password for different logged in user by default (closes: #33440). - passwd -d: clarify the meaning of delete option (closes: #34906). - passwd -S: support detection of modern encryption modes (by vt@).