The Linux Page

Authentication Failing for some or all users

Since my last upgrade, I had many small things that went awry on my computer. From tsearch2 in a Postgres database to ownership of files to the following authentication problem:

root@mycomputer:~# su - www-data
su: Authentication service cannot retrieve authentication info
(Ignored)
www-data@mycomputer:~$

Note that with su it ignores the fact. With cron it was not being ignored, so I'd get no work done!

That one, I was really not too sure what had happened. The upgrade asked me whether I should accept to (finally) change from apache to www-data and I agreed. The fact it that the installation script does a good job in the /etc/passwd file, but not in the /etc/shadow file. In other words, in the shadow file, I still had apache instead of www-data. That was it. The following shows the line I changed.

Before

...
apache:*:13568:0:99999:7:::
...

After

...
www-data:*:13568:0:99999:7:::
...

You get the same error when you use nsswitch (it looks like, I don't use it.) The solution for that one is to edit the /etc/nsswitch.conf file and change the 'compat' with 'files nis'. That had no effect for me since in my case I was using a direct login, not the Name Service Switch deamon.

# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

#passwd:         compat
#group: compat
#shadow: compat
passwd: files nis
group: files nis
shadow: files nis
hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files netgroup: nis

Welcome!

Yep! Sounds like the exact same problem! This one took me a little time to catch then...

Thanks

It's funny - all I had to see was "shadow" and I realized the problem, which was as you described. I had this issue after upgrading Ubuntu from Gutsy to Hardy. In my case, this prevented one of my cron jobs from running since it was trying to run as www-data.