ISPconfig2, problem with pop authentication, /etc/shadow

Discussion in 'General' started by moiseev.igor, Apr 21, 2010.

  1. moiseev.igor

    moiseev.igor New Member

    Hello we experience rare but constant problems with "perfect server" on Ubuntu 8.04 + ISPconfig 2 (different ispconfig releases and also the last one).

    Problem description:

    The main play is around the /etc/shadow (contains the linux users passwords in encrypted format, The problem is that when we modify the datas for one user (ex. "web25_info") then the /etc/shadow will rewritten for all domain users "web25" even when no password was modified!!!

    So the MAIN problem is that sometimes (could not reproduce it in vitro) the password changes to some uncertain one, so that any authentication versus /etc/shadow for the user under modification FAILS.

    The problem causes authentication error with ftp, ssh, pop and other services.

    The unique solution we found is to backup /etc/shadow, introduce any modification to the user settings (ex. activation antivirus/antispam for the user email) and then recover correct shadow from backup.

    Any ideas or advice on the question are extremely welcome!!

    Thank you.
  2. Puckel

    Puckel New Member


    I've the same problem. My sellers hits me :(, anyone have an idea or a fix please ?

  3. till

    till Super Moderator Staff Member ISPConfig Developer

    We investigated this on several systems and found out that these problems are caused by browser extensions that use an autofill function to fill in login details like the password field in ispconfig.

    If you use any browser that automatically fills password fields, you should disable this function for your ispconfig server domain.
  4. moiseev.igor

    moiseev.igor New Member

    Yes, the browser auto-fill was the issue in some cases. So the advise is to use firefox and never to remember the passwords even for login form to ispconfig2.

    I'm still monitoring the case, before logging to ispconfig2, always do the backup of /etc/shadow to get be sure of any modifications done by ispconfig.

    Still get no idea about the behavior of ispconfig2. On user creation it simply adds the user password at the end of /etc/shadow and on ANY modification to the user, for ex. activation of antispam, the whole group of users will be rewritten at the end of the file /etc/shadow.

    Thank you for the concern.
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    Thats the normal behaviour in ISPConfig 2. It does not cause any problems. I never had a corruption of any password on my servers in the last years.
  6. moiseev.igor

    moiseev.igor New Member

    Till in the last post I didn't say that it corrupts any password.
    Vice versa, I really want it would be so! ;)
    And still these two or three weeks it is so, works just perfect!
  7. Norman

    Norman Member HowtoForge Supporter

    Anyone know if the ISPConfig team provided an update that flagged these fields not to be cached by firefox/chrome ?

Share This Page