Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 18 Jun 2014 10:41:15 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-bugs@FreeBSD.org
Subject:   [Bug 191151] New: Relative module path in PAM service description file does not work well
Message-ID:  <bug-191151-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191151

            Bug ID: 191151
           Summary: Relative module path in PAM service description file
                    does not work well
           Product: Base System
           Version: 10.0-RELEASE
          Hardware: Any
                OS: Any
            Status: Needs Triage
          Severity: Affects Some People
          Priority: ---
         Component: bin
          Assignee: freebsd-bugs@FreeBSD.org
          Reporter: rehak@tekkirk.org

PAM.CONF(5) claims:

     The module-path field specifies the name or full path of the module to
     call.  If only the name is specified, the PAM library will search for it
     in the following locations:

     1.   /usr/lib
     2.   /usr/local/lib

When I use

auth    required    pam_ldap.so.1    no_warn try_first_pass

instead of

auth    required    /usr/local/lib/pam_ldap.so.1    no_warn try_first_pass

I get following errors when system starts.

Jun 18 10:24:17 lien login: in openpam_load_module(): no pam_ldap.so.1 found
Jun 18 10:24:17 lien login: pam_start(): system error
Jun 18 10:24:17 lien login: in openpam_load_module(): no pam_ldap.so.1 found
Jun 18 10:24:17 lien login: pam_start(): system error
Jun 18 10:24:17 lien login: in openpam_load_module(): no pam_ldap.so.1 found
Jun 18 10:24:17 lien login: pam_start(): system error
Jun 18 10:24:17 lien login: in openpam_load_module(): no pam_ldap.so.1 found
Jun 18 10:24:17 lien login: pam_start(): system error
Jun 18 10:24:17 lien init: getty repeating too quickly on port /dev/ttyv1,
sleeping 30 secs

This issue disallows me to log into as root. getent proved that LDAP itself
works fine.

/etc/nsswitch.conf:
mrehak@lien:~$ cat /etc/nsswitch.conf 
group: files ldap
hosts: files dns
networks: files
passwd: files ldap
shells: files
services: files
protocols: files
rpc: files

I did freebsd-update fetch and install on June 4 and forgot to restart. Today I
have found the machine in this state after reboot. As there was a PAM related
change in 10.0-RELEASE-p4 I would guess there is the cause.

In the evening I will confirm that the issue is really there. I will try the
same on the second machine.

-- 
You are receiving this mail because:
You are the assignee for the bug.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-191151-8>