How to fix the “passwd: authentication token manipulation error” error

Password protecting your user accounts is one of the core features of any operating system. The password is often set initially when creating the user account, but it can also be changed later on. To achieve this, the “passwd” keyword is utilized in Ubuntu. Using this keyword can often prompt the “passwd: authentication token manipulation” problem.

The following post will give you information on the causes of this issue and also the solutions to this problem.

Resolve the “passwd: authentication token manipulation” Problem

There exist various causes that will prompt this error to occur in the system. This section will list these reasons and show you how to fix them.

Reason 1: The Command is Bugged

When there are multiple changes being made to the system, the system can bug out some of its commands, and the command may not work properly. All these temporary changes can combine to cause the error.

Solution: Reboot the System

Believe it or not, rebooting the system is the best way to make sure that all these minor bugs are reset and no longer occur when the system starts up again. The system can be rebooted using the command below:

$ sudo reboot

Reason 2: Shadow File Permissions are not Set

The shadow file inside a Linux system is the file that contains passwords for the system users. These passwords are present in an encrypted form, and hence they can not be accessed by everyone to prevent someone with hostile intent from accessing them. This error can be invoked when the required read and write permissions for this file are not set. The following command will show you the permissions for this file:

$ ls -l  /etc/shadow

Solution: Set the Permissions for the Shadow File

To resolve this problem, we need to set the correct permissions for this file. To achieve this, simply run the code that is demonstrated below:

$ sudo chmod 0640 /etc/shadow

The 0640 permission grants the shadow file read and write permissions.

Reason 3: Root Partition is Read-only

Another very common reason for this problem is that the root partition mounted on the system is set to be read-only. This will cause an issue since read-only means that you are unable to change the password using the “passwd” keyword.

Solution: Remount the Root Partition

The simple fix to this issue is to remount the root partition. During the remounting, it is crucial to set the read and write permissions as well. By doing so, the read-only status will be changed. To achieve this, simply run the command shown below:

$ sudo mount -o remount,rw /

The “rw” in this command represents the “read and write” feature that is being added to the root partition.

Reason 4: Wrong PAM Configuration

The PAM (Pluggable Authentication Module) deals with various user and system authentication settings. To achieve its purpose correctly, the PAM is required to be configured properly. If it is not configured in the right way, the change in the password will not be seen as a valid token, and the error will be prompted. The configuration can be seen using the command below:

$ ls -l /etc/pam.d/

Solution: Configure PAM

If there is any problem with this module’s configuration, a simple update will resolve the problem. To do this, execute the command shown below:

$ sudo pam-auth-update

This will open up the screen shown below, where you can update all the required settings for authentication. There exist different types of authentication, as you see below. The update will reset these as shown below:

Reason 5: Disk Space Full

The disk space being full is also another common cause of this issue. If the disk is full, it becomes very difficult for the user to edit any files on the system which will cause the file size to increase as a result.

Solution: Clean Disk Space

The most obvious fix to this issue is to clean up space from the system. This can be done by simply removing unwanted software and files from the system manually.

Conclusion

The “passwd: authentication token manipulation error” can be resolved by rebooting the system or cleaning the disk if it is full. The error can also occur due to the shadow file not having the correct permissions or PAM not being configured correctly. This issue can be fixed by updating the PAM module and assigning the correct permissions to the shadow file. Finally, another fix is to change the root partition from reading to read as well as write. This article has provided the possible occurrences of the “passwd: authentication token manipulation error” and the solutions to these reasons are also addressed.