Updating sangoma-pbx package locks password for local user account

bitbanger · February 8, 2019, 9:04pm

FreePBX Distro 14.0.5.25

When I updated to sangoma-pbx-1902-2 yesterday an installation scriptlet locked the password for the user account used to provision my IP phones via FTP. The account had a weak password that pam_pwqualify wouldn’t accept: I had to set the password using ‘chpasswd’.

I then changed to a password that pam_pwqualify accepted (i.e., could be set using ‘passwd’).

Today I updated to sangoma-pbx-1902-3. The installation scriptlet locked the password for the IP phones’ user account again.

Why is the installation scriptlet locking that user account’s password? The password is 8 characters long and contains letters and digits.

Thanks!

[ EDIT ]

Here’s the scriptlet output from the sangoma-pbx-1902-3 update:

Scriptlet output:
1 Redirecting to /bin/systemctl restart httpd.service
2 Locking password for user PlcmSpIp.
3 passwd: Success
4 Redirecting to /bin/systemctl restart xinetd.service
5 Machine not eligible for ftp configuration.
6 Created symlink from /etc/systemd/system/multi-user.target.wants/redis.service to /usr/lib/systemd/system/redis.service.

tm1000 · February 8, 2019, 10:14pm

You should report this as an issue because what you are complaining about has existed for many years.

xrobau · February 9, 2019, 11:12pm

That is a well known account, and is a constant target by hackers. Change the account NAME to something else, and the account won’t get locked.

bitbanger · February 10, 2019, 1:40am

I’ll give that a try, thanks!
Does anyone know if there is a list of account names that FreePBX likes to lock?

[ EDIT ]

Just renamed the account, reinstalled sangoma-pbx and the password did not get locked this time. Problem solved!

system · February 17, 2019, 1:40am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.