Cacti 1.0.x first time password change

Post general support questions here that do not specifically fall into the Linux or Windows categories.

Moderators: Developers, Moderators

Post Reply
anhtuan206
Posts: 8
Joined: Tue Mar 14, 2017 10:47 pm

Cacti 1.0.x first time password change

Post by anhtuan206 »

Hi everyone,
I am installing cacti 1.0.5 and 1.0.6 on new server. At the first time of the installation cacti will ask for change the default password but after input the current and the new password, web browser display that "The page isn't working".
Did anyone see this issue with cacti 1.0.5 or 1.0.6?
Attachments
The page isn't working
The page isn't working
Issue.PNG (30.79 KiB) Viewed 2308 times
Changing password
Changing password
password change.PNG (80.64 KiB) Viewed 2309 times
anhtuan206
Posts: 8
Joined: Tue Mar 14, 2017 10:47 pm

Re: Cacti 1.0.x first time password change

Post by anhtuan206 »

Hi guys,
I found the way to fix the issue by modify the cacti database to change the "must_change_password" in the table "user_auth" to none.
anhtuan206
Posts: 8
Joined: Tue Mar 14, 2017 10:47 pm

Re: Cacti 1.0.x first time password change

Post by anhtuan206 »

After logged in I see the logs as below.
2017-03-15 23:40:02 - SYSTEM STATS: Time:1.1523 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:5 RRDsProcessed:5
2017-03-15 23:37:31 - AUTH LOGIN: User 'admin' Authenticated
2017-03-15 23:35:03 - SYSTEM STATS: Time:1.1522 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:5 RRDsProcessed:5
2017-03-15 23:33:10 - CMDPHP PHP ERROR Backtrace: (CactiShutdownHandler)(/lib/functions.php: 4303 cacti_debug_backtrace)
2017-03-15 23:33:10 - ERROR PHP ERROR: Call to undefined function password_verify() in file: /var/www/html/cacti/auth_changepassword.php on line: 113
2017-03-15 23:30:02 - SYSTEM STATS: Time:1.1534 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:5 RRDsProcessed:5
2017-03-15 23:27:10 - CMDPHP PHP ERROR Backtrace: (CactiShutdownHandler)(/lib/functions.php: 4303 cacti_debug_backtrace)
2017-03-15 23:27:10 - ERROR PHP ERROR: Call to undefined function password_verify() in file: /var/www/html/cacti/auth_changepassword.php on line: 113
2017-03-15 23:27:09 - CMDPHP PHP ERROR Backtrace: (CactiShutdownHandler)(/lib/functions.php: 4303 cacti_debug_backtrace)
2017-03-15 23:27:09 - ERROR PHP ERROR: Call to undefined function password_verify() in file: /var/www/html/cacti/auth_changepassword.php on line: 113
2017-03-15 23:25:57 - CMDPHP PHP ERROR Backtrace: (CactiShutdownHandler)(/lib/functions.php: 4303 cacti_debug_backtrace)
2017-03-15 23:25:57 - ERROR PHP ERROR: Call to undefined function password_verify() in file: /var/www/html/cacti/auth_changepassword.php on line: 113
pete68
Posts: 4
Joined: Wed Mar 15, 2017 11:00 pm

Re: Cacti 1.0.x first time password change

Post by pete68 »

I have the same problem with version 1.0.6 on Centos 7 (Linux cacti.intranet 3.10.0-514.10.2.el7.x86_64).

I tried the work around by editing DB table but the field is only 2 characters wide so "none" doesn't fit and "no" didn't work either.

must_change_password char(2) Yes None NULL

Seems to be a problem with the following line of code but not being a coder I can't quite work it out:-

if ((!password_verify(get_nfilter_request_var('current_password'), $user['password'])) && $user['password'] != $current_password_old) {

Any easy way to bypass the change password option on initial setup?

Thanks

Pete
anhtuan206
Posts: 8
Joined: Tue Mar 14, 2017 10:47 pm

Re: Cacti 1.0.x first time password change

Post by anhtuan206 »

Yeah, i was mean Null.
I am sorry, I used incorrect word
pete68
Posts: 4
Joined: Wed Mar 15, 2017 11:00 pm

Re: Cacti 1.0.x first time password change

Post by pete68 »

NULL still didn't work for me so I turned on php errors and checked other php settings like safe mode was off. What I get with errors turned on is:-

Fatal error: Call to undefined function password_verify() in /var/www/html/cacti/auth_changepassword.php on line 113
anhtuan206
Posts: 8
Joined: Tue Mar 14, 2017 10:47 pm

Re: Cacti 1.0.x first time password change

Post by anhtuan206 »

I mean leave the must_change_password field blank in the DB.
Another thing, do you have problem with the browser was used to change the password.
I was used chrome when facing changing password issue. After modify the DB, I can login the cacti with another browser or Chrome in Incognito mode. If I use Chrome as normal, when open http://cactiserver/cacti, cacti still ask me to change the password so can't login. I tried to clear the Chrome data too but no success.
pete68
Posts: 4
Joined: Wed Mar 15, 2017 11:00 pm

Re: Cacti 1.0.x first time password change

Post by pete68 »

Tried incognito, edge, rebooted server still get same problem HTTP Error 500.
anhtuan206
Posts: 8
Joined: Tue Mar 14, 2017 10:47 pm

Re: Cacti 1.0.x first time password change

Post by anhtuan206 »

[root@centos7 ~]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9289
Server version: 5.6.35 MySQL Community Server (GPL)

Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> use cacti;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> select * from user_auth;
+----+----------+----------------------------------+-------+---------------+---------------+----------------------+-----------------+-----------+-----------+--------------+----------------+------------+---------------+--------------+--------------+------------------------+---------+------------+-----------+------------------+--------+-----------------+----------+-------------+
| id | username | password | realm | full_name | email_address | must_change_password | password_change | show_tree | show_list | show_preview | graph_settings | login_opts | policy_graphs | policy_trees | policy_hosts | policy_graph_templates | enabled | lastchange | lastlogin | password_history | locked | failed_attempts | lastfail | reset_perms |
+----+----------+----------------------------------+-------+---------------+---------------+----------------------+-----------------+-----------+-----------+--------------+----------------+------------+---------------+--------------+--------------+------------------------+---------+------------+-----------+------------------+--------+-----------------+----------+-------------+
| 1 | admin | 21232f297a57a5a743894a0e4a801fc3 | 0 | Administrator | NULL | NULL | on | on | on | on | NULL | 2 | 1 | 1 | 1 | 1 | on | -1 | -1 | -1 | 0 | 0 | 0 | 0 |
| 3 | guest | 43e9a4ab75570f5b | 0 | Guest Account | | on | on | on | on | on | 3 | 1 | 1 | 1 | 1 | 1 | | -1 | -1 | -1 | | 0 | 0 | 0 |
+----+----------+----------------------------------+-------+---------------+---------------+----------------------+-----------------+-----------+-----------+--------------+----------------+------------+---------------+--------------+--------------+------------------------+---------+------------+-----------+------------------+--------+-----------------+----------+-------------+
2 rows in set (0.00 sec)

mysql> select * from user_auth where id=1
-> ;
+----+----------+----------------------------------+-------+---------------+---------------+----------------------+-----------------+-----------+-----------+--------------+----------------+------------+---------------+--------------+--------------+------------------------+---------+------------+-----------+------------------+--------+-----------------+----------+-------------+
| id | username | password | realm | full_name | email_address | must_change_password | password_change | show_tree | show_list | show_preview | graph_settings | login_opts | policy_graphs | policy_trees | policy_hosts | policy_graph_templates | enabled | lastchange | lastlogin | password_history | locked | failed_attempts | lastfail | reset_perms |
+----+----------+----------------------------------+-------+---------------+---------------+----------------------+-----------------+-----------+-----------+--------------+----------------+------------+---------------+--------------+--------------+------------------------+---------+------------+-----------+------------------+--------+-----------------+----------+-------------+
| 1 | admin | 21232f297a57a5a743894a0e4a801fc3 | 0 | Administrator | NULL | NULL | on | on | on | on | NULL | 2 | 1 | 1 | 1 | 1 | on | -1 | -1 | -1 | 0 | 0 | 0 | 0 |
+----+----------+----------------------------------+-------+---------------+---------------+----------------------+-----------------+-----------+-----------+--------------+----------------+------------+---------------+--------------+--------------+------------------------+---------+------------+-----------+------------------+--------+-----------------+----------+-------------+
1 row in set (0.01 sec)

mysql> update user_auth set must_change_password="" where id=1
-> ;
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
Try the above sql update then use another browser.
anhtuan206
Posts: 8
Joined: Tue Mar 14, 2017 10:47 pm

Re: Cacti 1.0.x first time password change

Post by anhtuan206 »

Don't forget to set password for admin. I don't know the default password:
msql> update user_auth set password="" where id=1;
pete68
Posts: 4
Joined: Wed Mar 15, 2017 11:00 pm

Re: Cacti 1.0.x first time password change

Post by pete68 »

Thanks that worked in the end but broke my access with last command but this does work:-

mysql -u root -p

use cacti;

select * from user_auth;

select * from user_auth where id=1;

update user_auth set must_change_password="" where id=1;

update user_auth set password=md5('admin') where username='admin';

Cheers

Pete
Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest