Bug 44584

Summary: improove check_cracklib.py error handling
Product: UCS Reporter: Florian Best <best>
Component: KerberosAssignee: UCS maintainers <ucs-maintainers>
Status: RESOLVED DUPLICATE QA Contact: UCS maintainers <ucs-maintainers>
Severity: normal    
Priority: P5 CC: best, gohmann, requate
Version: UCS 4.2Flags: best: Patch_Available+
Target Milestone: ---   
Hardware: Other   
OS: Linux   
See Also: https://forge.univention.org/bugzilla/show_bug.cgi?id=32152
https://forge.univention.org/bugzilla/show_bug.cgi?id=42780
What kind of report is it?: Development Internal What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional): Cleanup, Error handling, Troubleshooting, Usability
Max CVSS v3 score:
Bug Depends on: 43859, 44582    
Bug Blocks:    
Attachments: patch

Description Florian Best univentionstaff 2017-05-11 17:29:39 CEST 
Created attachment 8841 [details]
patch

# create user with posix,samba and expired password
udm users/user create --position cn=users,dc=update,dc=test --option posix --option samba --set username=h8fulvhzub --set firstname=la89yrgujm --set lastname=vkiy57bd6w --set pwdChangeNextLogin=1 --set password=kw0bn707lq

# try to change password via UMC
curl -i -d "{\"options\":{\"username\":\"h8fulvhzub\",\"password\":\"kw0bn707lq\",\"new_password\":\"o4yrqus17x\"}}" -H "Content-Type: application/json" http://localhost/univention/auth

→ displays the following error message in UMC:

"""Changing password failed. The reason could not be determined. In case it helps, the raw error message will be displayed: External password quality program failed: Traceback (most recent call last). Errorcode 20: The new password could not be set.
"""

The traceback is nowhere ever shown or logged, because kpasswd strips everything after the first newline ("Traceback (most recent call last).\n…").

This can be changed with the attached patch.

+++ This bug was initially created as a clone of Bug #44582 +++
Comment 1 Florian Best univentionstaff 2017-05-11 17:50:13 CEST 
Another example where it causes trouble was: Bug #42780
This patch fixes also this!
Comment 2 Florian Best univentionstaff 2020-06-22 18:13:45 CEST 
fixed in git:303d8bdf280f2ca4d70e54ac0b41c3fe9b0846e8

*** This bug has been marked as a duplicate of bug 41786 ***