On Sat, 5 May 2007, John Nemeth wrote:

> } > > On NetBSD, logging in as a non-root user and then "su" to root followed 
> } > > by "passwd" will reset the original logged in user's password.
> 
>      I've been admining UNIX systems for over 15 years on a variety of
> OSes and as far as I can recall, this is how it has always worked.

Is the behaviour defined anywhere?

Because on FreeBSD and on Gentoo Linux it is different than NetBSD.

> Note that the passwd program uses getlogin() to determine who you are
> and passes that to getpwnam().

Yes. I just don't think it should use getlogin() -- especially since "su 
-l" only "simulates" login and doesn't setlogin().

> } Also what about the regression? Before PAM (I think), it used to display: 
> } "Changing local password for ..."
> 
>      Ignoring the nitpick that the password may not be local, I'll add
> this message.

Thanks for doing that!

  Jeremy C. Reed