0

RHEL 7.5: A single user could not sudo because of password failure. Password resets did not work. Account was unlocked.

/var/log/secure said something like, "pw change set for a future date".

I ran chronyc --makestep to see that my time was synced. This got rid of that error. But then I received:

Jul  9 13:40:09 ip-10-100-10-147 sudo: pam_unix(sudo-i:auth): conversation failed
Jul  9 13:40:09 ip-10-100-10-147 sudo: pam_unix(sudo-i:auth): auth could not identify password for [username]

I modified /etc/login.defs to ensure the MIN_PASS was -1, updated authconfig, logged out and logged back in, but was still unable to get this user's account to work with a new password. Only once I rebooted was I able to fix this.

Is there any service I could have restarted that would have prevented me from having to reboot?

1 Answer

0

Depends on the system configuration. You can have a look at /etc/nsswitch.conf to see which user/password databases are used on the system.

In case you find sss entries, you could have restarted sssd or cleaned its cache with the sss_cache command.

hargut
  • 3,928
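
The check described in the answer above, as an added example that is not part of the original answer: it reads the source list for a database from nsswitch.conf and, if `sss` is among the sources, prints the two alternatives the answer names. The function names, the sample file and the user `alice` are constructed for illustration.

```shell
# Added example: which sources does nsswitch.conf list, and is SSSD one of them?
# nss_sources DB [FILE]: print the sources configured for DB, space-separated.
nss_sources() {
    local db="$1" file="${2:-/etc/nsswitch.conf}"
    awk -v db="$db" '
        { sub(/#.*/, "")        # drop comments
          sub(/:/, ": ") }      # tolerate "passwd:files" with no space
        $1 == (db ":") {
            out = ""
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^\[/) inact = 1      # start of a [STATUS=action] item
                if (!inact) out = out (out == "" ? "" : " ") $i
                if ($i ~ /\]$/) inact = 0      # end of the action item
            }
            print out; exit
        }' "$file"
}

# uses_sss DB [FILE]: succeed if "sss" is a source for DB.
uses_sss() {
    case " $(nss_sources "$1" "${2:-/etc/nsswitch.conf}") " in
        *" sss "*) return 0 ;;
        *) return 1 ;;
    esac
}

# suggest_refresh USER [FILE]: print the alternatives to a reboot (run one as root).
suggest_refresh() {
    local user="$1" file="${2:-/etc/nsswitch.conf}"
    if uses_sss passwd "$file" || uses_sss shadow "$file"; then
        echo "sss_cache -u $user"        # invalidate only this user's cached entry
        echo "systemctl restart sssd"    # or restart the daemon
    else
        echo "no sss source for passwd/shadow; the SSSD cache is not involved"
    fi
}

# Constructed sample file, not taken from the system in the question.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed nsswitch.conf
passwd:     files sss
shadow:     files sss
group:      files [NOTFOUND=return] sss   # trailing comment
hosts:      files dns myhostname
EOF
suggest_refresh alice "$sample"
```

On a real host, call `suggest_refresh <user>` with no file argument to read `/etc/nsswitch.conf`.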