Thank you rtmistler and widget for your feedback.
Turns out that the PAM module was messed up, presumably during the failed update install process when I ran out of space.
Here's a breakdown of what I ran through to resolve the issue.
As I mentioned previously, I was able to clean up space on the volume by deleting old kernels. This should have been a straight-forward process but having the system in an inconsistent state caused problems. I couldn't do anything with apt-get or aptitude because one of my installed packages was missing a dependency (kernel update) and there was no space left on the volume to install the missing package. I was finally able to work around this by running the following in the recovery console with networking disabled:
Code:
apt-get --ignore-missing remove "linux-(image(-extra)?|headers)-3.13.0-3[256].*" linux-headers-3.13.0-39-generic+
This allowed me to remove versions 3.13.0-32, -35 and -36 of linux-headers, linux-image and linux-image-extra, as well as their generic counterparts. The final argument was required to trick apt-get into thinking I wanted to also install the package that was a missing dependency and the --ignore-missing switch allowed apt-get to proceed to with the removal of the packages I wanted to remove even though the installation failed due to lack of connectivity to the repository.
With almost a gig of space freed by removing the old kernels, I was able to enable networking and fix my broken dependencies.
Once all of that was done I rebooted but found no change in my ability to log in. I was now able to boot successfully to the -39 kernel (prior to the fix a normal boot to -39 failed, for understandable reasons) but I was still getting password errors when trying to log in to my desktop.
I searched the internet some more and found a reference to the "sanity check" application
debsums. I installed it (via recovery console) and scanned for hash mismatches.
This returned a single file so I used dpkg to figure out which package that file belonged to (dpkg itself) and the reinstalled that package with aptitude:
Code:
dpkg -S /sbin/start-stop-daemon
aptitude reinstall dpkg
After this I confirmed a clean bill of health for both the system files and the config files using debsums and rebooted again; still no joy.
At this point I started to wonder if there was an issue with PAM since everything except authentication seemed to be working normally. I am not terribly familiar with how PAM works, but it seemed like reinstalling the PAM module(s) was a good place to start.
I used dpkg to find a list of packages that I thought might be related to PAM and then reinstalled one of them with aptitude.
Code:
dpkg --get-selections | grep pam
aptitude reinstall libpam-cap
As part of the post-package install process, aptitude reported a failure with pam-auth-update due to changes in the the local common files (/etc/pam.d/common-*).
I couldn't think of anything that I had done that would have modified those files so I backed them up and then ran:
Code:
pam-auth-update --force
I rebooted one last time and confirmed that, at last, I was able to log in successfully.
With the system apparently back in working order, I diffed the contents of /etc/pam.d/common-* against my backups and found that common-account and common-auth had both been blanked out somehow; the backup files were completely empty. I suspect the disk ran out of space while these files were being updated by the initial update process that filled up my / volume and, as a result, the were replaced with blank files. Manually running pam-auth-update restored the files to their default state and now things seem to be working normally again.