Fedora 15 authentication error

May this post help the mighty Google to help these poor people who somehow corrupt the security label of their /etc/shadow file. Their ability to log into the system (with any user) disappears and the error messages are all but helpful:

unix_chkpwd[700]: could not obtain user info (root)
passwd: Authentication token manipulation error

If You are running Fedora with SELinux enabled (which is the default configuration), You should verify the label with ls -Z

# ls -Z /etc/shadow
----------. root root system_u:object_r:shadow_t:s0 /etc/shadow

If it differs from the line above, use restorecon to fix it:

# restorecon -R /etc

And happy days are here again!

PS! I do like the idea of SELinux and its operating principles, however I fail to understand the point of denying passwd command access to incorrectly labeled files.

Comments are closed.