Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 21st April 2010, 13:27
moiseev.igor moiseev.igor is offline
Junior Member
 
Join Date: Nov 2009
Posts: 8
Thanks: 0
Thanked 2 Times in 2 Posts
Default ISPconfig2, problem with pop authentication, /etc/shadow

Hello we experience rare but constant problems with "perfect server" on Ubuntu 8.04 + ISPconfig 2 (different ispconfig releases and also the last one).

Problem description:
The main play is around the /etc/shadow (contains the linux users passwords in encrypted format, http://en.wikipedia.org/wiki/Shadow_password). The problem is that when we modify the datas for one user (ex. "web25_info") then the /etc/shadow will rewritten for all domain users "web25" even when no password was modified!!!

So the MAIN problem is that sometimes (could not reproduce it in vitro) the password changes to some uncertain one, so that any authentication versus /etc/shadow for the user under modification FAILS.
The problem causes authentication error with ftp, ssh, pop and other services.

The unique solution we found is to backup /etc/shadow, introduce any modification to the user settings (ex. activation antivirus/antispam for the user email) and then recover correct shadow from backup.

Any ideas or advice on the question are extremely welcome!!

Thank you.
Reply With Quote
Sponsored Links
  #2  
Old 26th May 2010, 09:23
Puckel Puckel is offline
Junior Member
 
Join Date: May 2010
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi,

I've the same problem. My sellers hits me , anyone have an idea or a fix please ?

Thanks.
Reply With Quote
  #3  
Old 26th May 2010, 10:00
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,733
Thanks: 840
Thanked 5,597 Times in 4,407 Posts
Default

We investigated this on several systems and found out that these problems are caused by browser extensions that use an autofill function to fill in login details like the password field in ispconfig.

If you use any browser that automatically fills password fields, you should disable this function for your ispconfig server domain.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #4  
Old 26th May 2010, 10:39
moiseev.igor moiseev.igor is offline
Junior Member
 
Join Date: Nov 2009
Posts: 8
Thanks: 0
Thanked 2 Times in 2 Posts
Default

Yes, the browser auto-fill was the issue in some cases. So the advise is to use firefox and never to remember the passwords even for login form to ispconfig2.

I'm still monitoring the case, before logging to ispconfig2, always do the backup of /etc/shadow to get be sure of any modifications done by ispconfig.

Still get no idea about the behavior of ispconfig2. On user creation it simply adds the user password at the end of /etc/shadow and on ANY modification to the user, for ex. activation of antispam, the whole group of users will be rewritten at the end of the file /etc/shadow.

Thank you for the concern.
Igor.
Reply With Quote
The Following User Says Thank You to moiseev.igor For This Useful Post:
AbannyvabVask (20th December 2013)
  #5  
Old 26th May 2010, 11:30
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,733
Thanks: 840
Thanked 5,597 Times in 4,407 Posts
Default

Quote:
Still get no idea about the behavior of ispconfig2. On user creation it simply adds the user password at the end of /etc/shadow and on ANY modification to the user, for ex. activation of antispam, the whole group of users will be rewritten at the end of the file /etc/shadow.
Thats the normal behaviour in ISPConfig 2. It does not cause any problems. I never had a corruption of any password on my servers in the last years.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #6  
Old 26th May 2010, 11:37
moiseev.igor moiseev.igor is offline
Junior Member
 
Join Date: Nov 2009
Posts: 8
Thanks: 0
Thanked 2 Times in 2 Posts
Default

Till in the last post I didn't say that it corrupts any password.
Vice versa, I really want it would be so!
And still these two or three weeks it is so, works just perfect!
Reply With Quote
  #7  
Old 26th May 2010, 20:41
Norman Norman is offline
HowtoForge Supporter
 
Join Date: May 2006
Posts: 242
Thanks: 0
Thanked 18 Times in 14 Posts
 
Default

Anyone know if the ISPConfig team provided an update that flagged these fields not to be cached by firefox/chrome ?
__________________
http://www.xh.se
Reply With Quote
The Following User Says Thank You to Norman For This Useful Post:
AbannyvabVask (18th December 2013)
Reply

Bookmarks

Tags
ispconfig, linux, shadow

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
postfix problems with smtp linkdeb Server Operation 13 15th March 2014 18:58
SASL Authentication problem bschultz Server Operation 6 11th July 2009 01:09
sending e-mail using mail() function linuxuser1 HOWTO-Related Questions 38 21st April 2009 13:20
postfix does not authenticate through saslauthd openman Server Operation 32 21st November 2008 11:29
Read but not send mail briggers HOWTO-Related Questions 24 7th April 2006 20:22


All times are GMT +2. The time now is 22:41.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.