login always fails after first failed attempt, libgcrypt warning
Linux From ScratchThis Forum is for the discussion of LFS.
LFS is a project that provides you with the steps necessary to build your own custom Linux system.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am using LFS 7.5. I followed the book but added some packages from BLFS. I rebuilt libcrack and shadow using PAM. My /etc/pam.d/login file looks like :
# Begin /etc/pam.d/login
# Set failure delay before next prompt to 3 seconds
auth optional pam_faildelay.so delay=3000000
# Check to make sure that the user is allowed to login
auth requisite pam_nologin.so
# Check to make sure that root is allowed to login
# Disabled by default. You will need to create /etc/securetty
# file for this module to function. See man 5 securetty.
#auth required pam_securetty.so
# Additional group memberships - disabled by default
#auth optional pam_group.so
# include the default auth settings
auth include system-auth
# check access for the user
account required pam_access.so
# include the default account settings
account include system-account
# Set default environment variables for the user
session required pam_env.so
# Set resource limits for the user
session required pam_limits.so
# Display date of last login - Disabled by default
session optional pam_lastlog.so
# Display the message of the day - Disabled by default
session optional pam_motd.so
# Check user's mail - Disabled by default
#session optional pam_mail.so standard quiet
# include the default session and password settings
session include system-session
password include system-password
You should see syslog messages. It outputs some meaningful messages so we can diagnose what's wrong. Also check your /etc/pam.d/*files. They may give exact reason for problem. Also read pam user guide available from same site you downloaded libPAM.
The PAM user guide is thorough but equally misleading and confusing as to what you might need.
The BLFS defaults are what you need to start from first, but first figuring out what account he's logging in from first is where we need to start from.
Hmmm... Okay let's try this. Start at the PAM section and redraft all of the configuration files for PAM, shadow, and any other BLFS packages that utilize PAM, and maybe even rebuild a few of the packages as needed. If this works, this should restore PAM back to a default setting for B/LFS.
Rebuild libgcrypt and reinstall it. Or see if an update is available in the latest book. Rebuild PAM if needed also.
Find your host's /etc/securetty file and copy it to /etc on your B/LFS partition. In the login configuration, enable the root login feature. Try logging in.
On your primary user account, try adding it to the wheel group. If you have sudo installed, make sure you set sudo's configuration as needed.
Reconfigure any usage of modules to use pam_unix.so. This is a universal access module and should allow unimpeded operation of packages. Use with care though and do this only for diagnostic purposes.
If all else fails, you may need to go back and remove PAM and rebuild any components using it to work without PAM and find out what happened. If you saved your preconfigured and cleaned sources this will help.
If from here you are at a loss, try asking on the BLFS mailing list. I don't use PAM myself as I often find it to be an annoyance that's better left out.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.