Subject: changing root's password changes login user instead
To: None <tech-userlevel@NetBSD.org>
From: Jeremy C. Reed <reed@reedmedia.net>
List: tech-userlevel
Date: 05/04/2007 13:28:55
On NetBSD, logging in as a non-root user and then "su" to root followed 
by "passwd" will reset the original logged in user's password.

I was using NetBSD 3.1. But I tested on a more recent -current also.

It is often suggested that, to change root's password, one should use "passwd root".

It doesn't display the "Changing local password for ...". Can we re-add 
that? (Does this need to be done in PAM?)

It appears to use getlogin(2) while other implementations use getuid(3) 
and getpwuid(3).

It doesn't check if there is a login/uid mismatch. Can we add a check for 
that?

So the behaviour in this example of

	passwd # no arguments

is different between FreeBSD and NetBSD.

I am not sure if "passwd(1)" is even covered by Open Group's Single UNIX 
specification or POSIX. (Does anyone know?)

Any comments on the differences of behaviour?

Should we have it output what username is being changed?

If we don't fix this to abort on a login/uid mismatch, we should add a 
warning to our passwd.1 man page so this is clear, because users coming 
from another Unix may unknowingly change the wrong password and potentially 
lock themselves out if they don't know what happened.

  Jeremy C. Reed

p.s. This happened to me due to jumping from system to system.

p.p.s. I am working on a generic beginning BSD admin book and want to make 
sure it is clear for newbies.
http://bsdwiki.reedmedia.net/wiki/Change_a_password.html
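The login/uid mismatch check the message asks for, written out as an added example in C (not code from the message or from NetBSD's passwd(1) source): it resolves the target account both ways named above, getlogin(2) and getuid()/getpwuid(3), announces the name it would change, and refuses to continue when the two disagree, as they do after "su" to root.

```c
/* Added example, not code from the original message or from NetBSD's passwd(1):
 * resolve the account a no-argument "passwd" acts on both ways the mail names,
 * and refuse to continue when the login name and the uid's name disagree. */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <pwd.h>
#include <sys/types.h>

enum target_status { TARGET_OK = 0, TARGET_MISMATCH = 1, TARGET_UNKNOWN = 2 };

/* Pure policy check, kept separate so it can be exercised without a real utmp
 * session: login_name is what getlogin(2) reported (NULL if nothing), uid_name
 * is the pw_name looked up for the process's real uid. */
enum target_status
check_target(const char *login_name, const char *uid_name)
{
	if (uid_name == NULL)
		return TARGET_UNKNOWN;   /* no passwd entry for this uid at all */
	if (login_name == NULL)
		return TARGET_OK;        /* no login name: trust the uid alone */
	return strcmp(login_name, uid_name) == 0 ? TARGET_OK : TARGET_MISMATCH;
}

/* Gather the two names from the live process and copy the uid-derived one
 * into buf so the caller can announce it before touching any password. */
enum target_status
resolve_target(char *buf, size_t buflen)
{
	const char *login_name = getlogin();
	struct passwd *pw = getpwuid(getuid());
	const char *uid_name = pw != NULL ? pw->pw_name : NULL;

	if (uid_name != NULL)
		snprintf(buf, buflen, "%s", uid_name);
	return check_target(login_name, uid_name);
}

int
main(void)
{
	char name[64] = "";
	enum target_status st = resolve_target(name, sizeof name);

	if (st == TARGET_OK)
		printf("Changing local password for %s\n", name);
	else if (st == TARGET_MISMATCH)
		fprintf(stderr, "passwd: login name and uid disagree; use \"passwd %s\"\n", name);
	else
		fprintf(stderr, "passwd: no account for uid %ld\n", (long)getuid());
	return st == TARGET_OK ? 0 : 1;
}
```

Run as a normal user and then again after "su" to root: the second run reports the mismatch (login name still the original user, uid name "root") instead of silently picking one of the two accounts.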