The Problem
The system can not intermittently change the user password even after the password has expired as below secure log. Although the password was changed, the new password will not be applied for the next login attempt.
/var/log/secure -------------- Jan 10 15:26:28 sshd[5999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=lpct-80fffz1.precastcorp.com user=test Jan 10 15:28:01 crond[6274]: pam_unix(crond:account): expired password for user test (password aged) Jan 10 15:39:24 passwd: pam_pwquality(passwd:chauthtok): pam_get_authtok_verify returned error: Failed preliminary check by password service Jan 10 15:39:54 passwd: gkr-pam: couldn't update the login keyring password: no old password was entered Jan 10 15:41:36 passwd: pam_unix(passwd:chauthtok): password changed for test Jan 10 15:41:36 passwd: gkr-pam: couldn't update the login keyring password: no old password was entered
The Solution
The pam_gnome_keyring.so module being loaded in the pam.d directory and is preventing the password change. Remove the gnome-keyring-pam package as per the below steps:
# rpm -qa | grep gnome-keyring # yum remove gnome-keyring-pam-[version]