Subject: Re: changing root's password changes login user instead
To: Thor Lancelot Simon <tls@rek.tjls.com>
From: Jeremy C. Reed <reed@reedmedia.net>
List: tech-userlevel
Date: 05/04/2007 16:31:01
On Fri, 4 May 2007, Thor Lancelot Simon wrote:

> On Fri, May 04, 2007 at 01:28:55PM -0500, Jeremy C. Reed wrote:
> >
> > On NetBSD, logging in as a non-root user and then "su" to root followed 
> > by "passwd" will reset the original logged in user's password.
> 
> Of course it does -- if you want the system to behave as if you logged
> in as root, use 'su - root'.  Otherwise, you get root's uid with your own
> login environment -- which is what Unix su has done for as long as I can
> remember, anyway.  "Unix gives you enough rope."

I can't repeat that on my NetBSD systems. I tried on 3.1 and also 3.99.24.
I also tried "su -l root" (but - is -l).

Can anyone else please test this?

For example on NetBSD 3.1:

$ id
uid=1002(reed) gid=100(users) groups=100(users),0(wheel)
$ echo $USER $LOGNAME
reed reed
$ su -l root
Password: <-- typed in my long password
Terminal type is xterm.
c-0500# id
uid=0(root) gid=0(wheel) groups=0(wheel),2(kmem),3(sys),4(tty),5(operator),20(staff),31(guest)
c-0500# echo $USER $LOGNAME
root root
c-0500# passwd
New Password: <-- I type in "abc" here
Retype New Password:  <-- abc
Please enter a longer password.
New Password: <-- abc
Retype New Password: <-- abc
c-0500# exit
$ id
uid=1002(reed) gid=100(users) groups=100(users),0(wheel)
$ su
Password: <-- I typed in abc
su: Sorry: authentication error
$ passwd
Old Password: <-- abc .... that works but is not what I expected :(
New Password: <-- reset my password to what it was
Retype New Password: <-- again
$ su
Password: <-- my original password works
# 

Am I the only one with this problem?

(I just saw another problem with login; I will post another thread for
it.)

> I believe you can also change the behavior of passwd by changing the
> value of the $USER or $LOGNAME environment variables.

Also, what about the regression? Before PAM (I think), it used to display:
"Changing local password for ..."

  Jeremy C. Reed