Re: gdm: through to the next round

From: Jordi Castells <jorcas writeme com>
To: gnome-list gnome org
Subject: Re: gdm: through to the next round
Date: Tue, 11 Sep 2001 13:54:05 +0200
"Guillermo S. Romero / Familia Romero" escribió:

> i a uemlianin celtic co uk (2001-06-26 at 2133.11 +0100):
> > > See whether creating /etc/pam.d/gdm as a symlink pointing to the
> > > /opt/gnome... one works ...
> > This works! ... the problem with pam is fixed, but I'm not home and
> > dry yet.
> > I get the splash login screen but, typing in my login details gets
> > 'Authentication failed' for all users *and* root.  I don't even get to
> > type my password.  Is gdm not finding /etc/passwd?
>
> If you are using PAM, the apps never touch the real files. And in
> modern OS, the passwords go in /etc/shadow. You should check the PAM
> config file, probably something is wrong (PAM system follows the
> checks and ooops, one or more requisites not fulfilled, so auth
> fails).
>
> You should read the security logs, maybe put the system in debug mode
> and read what is going.
>
> Here is the gdm file for a RH62.
> ---8<--
> #%PAM-1.0
> auth       required     /lib/security/pam_pwdb.so shadow nullok
> auth       required     /lib/security/pam_nologin.so
> account    required     /lib/security/pam_pwdb.so
> password   required     /lib/security/pam_cracklib.so
> password   required     /lib/security/pam_pwdb.so shadow nullok use_authtok
> session    required     /lib/security/pam_pwdb.so
> session    optional     /lib/security/pam_console.so
> --->8---
>
> The debug mode is enable by adding "debug" to each line, as "shadow"
> parameter is. BTW, are you sure PAM follows symlinks? Sometimes libs
> or apps do not work if they found symlinks, weird permissions or other
> "small details" (that in the hands of a bastard become your worst
> nightmare, aka they are not supported to avoid attacks, last one I
> learned is that SETUID scripts do not work in Linux).
>
> GSR
>

I have a similiar problem/preocupation

All my linux box works (at the moment) but I can see in the messages log the
following lines:
gdm[509]: PAM unable to dlopen(/lib/security/pam_console.so)
gdm[509]: PAM [dlerror: /lib/security/pam_console.so: cannot open shared
object file: No existe el fichero o el directorio]
gdm[509]: PAM adding faulty module: /lib/security/pam_console.so
PAM-unix2[509]: auth: Unknown option: shadow

and it is true that I do not have pam_console.so, I never had, but this
messages worry me


I am running SuSE 7.0 with a kernel upgraded to 2.4.7 and with Gnome 1.4,

I sure that thi do not happens with the old Gnome, but the problem is I do not
know if it occurs when I upgrade the kernel or Gnome,

could anybody helps me

thanks
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]