Jon Lewis wrote: > This looks like Red Hat PAM breakage. I verified it works (gives root) on > my Red Hat 4.1 box, but it does not on any of my Slackware based boxes > that are shadow upgraded. As has been pointed out, it is actually a libc problem. The pam_unix_....so modules use libc, so these modules will exhibit this unfortunate behavior. Admins should beware that if libc has a hand in the process of changing a user's password the corresponding UID entry in /etc/passwd will be explicitly reset to 0. Fortunately, pam_pwdb (a plug-in replacement for pam_unix_..), which does not use libc for any authentication related actions, does not suffer from this problem. So Linux-PAM based systems can be made resistant to this "administrative problem" by putting pam_pwdb in all the places that their pam configuration refers to pam_unix_... PS. I'd really like to hear from anyone that _can_ break Linux-PAM in any way... [Use the "source" (Luke ;^)] Cheers Andrew -- Linux-PAM, libpwdb, Orange-Linux and Linux-GSS http://parc.power.net/morgan/index.html