Bug 48897 - ugly error message in password change
ugly error message in password change
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Self Service
UCS 4.4
Other Linux
: P5 normal (vote)
: UCS 4.4-0-errata
Assigned To: Felix Botner
Florian Best
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-03-07 15:04 CET by Felix Botner
Modified: 2019-03-27 13:29 CET (History)
1 user (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 2: Improvement: Would be a product improvement
Who will be affected by this bug?: 3: Will affect average number of installed domains
How will those affected feel about the bug?: 1: Nuisance – not a big deal but noticeable
User Pain: 0.034
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Felix Botner univentionstaff 2019-03-07 15:04:32 CET
UCS without samba !!!

(a)
Password change with old_password == new_password:

Passwort ändern fehlgeschlagen. Der Grund konnte nicht festgestellt werden. Für den Fall, dass es hilft, hier die originale Fehlernachricht: Passwort nicht geändert. Errorcode 20: Das neue Passwort konnte nicht gesetzt werden.


In contrast the error message for a too short password:

Passwort ändern fehlgeschlagen. Das Passwort ist zu kurz.


(b) 
Password change for a deactivated account

Ungültige Zugangsdaten. Passwortwechsel fehlgeschlagen.

This message could be better too
Comment 1 Florian Best univentionstaff 2019-03-07 15:17:13 CET
We should find out what is broken in Samba! If this is fixed, PAM doesn't send such a ugly error message.
Comment 2 Felix Botner univentionstaff 2019-03-14 15:58:13 CET
(In reply to Florian Best from comment #1)
> We should find out what is broken in Samba! If this is fixed, PAM doesn't
> send such a ugly error message.

UCS without samba!!!
Comment 3 Felix Botner univentionstaff 2019-03-14 15:58:51 CET
this breaks 86_selenium.10_product_test_password_change.test
Comment 4 Felix Botner univentionstaff 2019-03-14 16:01:30 CET
if i change the pam config for passwd to exactly the same as umc, i get

-> passwd test2
Current Kerberos password: 
Geben Sie ein neues Passwort ein: 
Passwort nicht geändert
passwd: Fehler beim Ändern des Authentifizierungstoken
passwd: Passwort nicht geändert

-> LC_ALL=C passwd test2
Current Kerberos password: 
New password: 
Password unchanged
passwd: Authentication token manipulation error
passwd: password unchanged

These two error messages (Passwort nicht geändert, password unchanged) are not in the "The password was already used." error list in univention/management/console/pam.py. I guess we have to add them.
Comment 5 Felix Botner univentionstaff 2019-03-14 16:30:00 CET
fixed in univention-management-console

aca9f219e8b186dcb2a28b20237703cccdf5e560
365d9748aa4c965bd3d50aea98d975307bddcc2c

yaml

cb2002f87ea2072efe87370ea32191dca7547aaa

QA:
please also check 86_selenium.10_product_test_password_change.test
Comment 6 Florian Best univentionstaff 2019-03-14 16:50:00 CET
OK: password change messages

The test case fails in my environment:
selenium.common.exceptions.WebDriverException: Message: unknown error: Element <div class="umcGalleryNameContent">...</div> is not clickable at point (507, 236). Other element would receive the click: <div class="appInnerWrapper umcGalleryItem">...</div>

But I will have a look tomorrow in jenkins, it's probably something with the configuration.

OK: YAML
Comment 7 Arvid Requate univentionstaff 2019-03-27 13:29:29 CET
<http://errata.software-univention.de/ucs/4.4/25.html>