LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 04-24-2004, 06:04 AM   #1
nikoon
LQ Newbie
 
Registered: Oct 2003
Distribution: mandrake
Posts: 8

Rep: Reputation: 0
bad Pam config => unable to login anymore


Hello,

I'am looking for a good manual to configure PAM.... Does someone have an interresting one?
My distrib is gentoo....
Anyway, since i 've made an etc-update after emerge -u world , my pam config is broken , and now i c'ant login from any terminal (vc/1 or ssh) and from any user, and i tried to change root password but i has no effect .
My issue comes from the fact that i have no way to see what's wrong in pam config....
The only thing i see is in /var/log/message:
Code:
Apr 23 19:00:48 archiserveur cron[6257]: (CRON) STARTUP (fork ok)
Apr 23 19:01:00 archiserveur CRON[6320]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons )
Apr 23 19:01:04 archiserveur login(pam_unix)[6313]: authentication failure; logname= uid=0 euid=0 tty=/dev/vc/1 ruser= rhost=  user=root
Apr 23 19:01:06 archiserveur login[6313]: FAILED LOGIN 1 FROM /dev/vc/1 FOR root, Authentication failure
Apr 23 19:01:23 archiserveur login[6313]: FAILED LOGIN 2 FROM /dev/vc/1 FOR root, Authentication failure
Apr 23 19:01:39 archiserveur login[6313]: FAILED LOGIN SESSION FROM /dev/vc/1 FOR root, Authentication failure
Apr 23 19:01:42 archiserveur login(pam_unix)[6313]: 2 more authentication failures; logname= uid=0 euid=0 tty=/dev/vc/1 ruser= rhost=  user=root
Apr 23 19:01:44 archiserveur init: Switching to runlevel: 6
I need help !! it 's so hard not to be able to log...
 
Old 04-24-2004, 12:17 PM   #2
markus1982
Senior Member
 
Registered: Aug 2002
Location: Stuttgart (Germany)
Distribution: Debian/GNU Linux
Posts: 1,467

Rep: Reputation: 46
AFAIK the same/similar error message appears after removing consoles, etc from /etc/securetty

Can you login as normal system user and then switch to root using su ?
 
Old 04-25-2004, 04:47 AM   #3
nikoon
LQ Newbie
 
Registered: Oct 2003
Distribution: mandrake
Posts: 8

Original Poster
Rep: Reputation: 0
No login at all....

Not i can't login from any of my user...

in my folder i can found :
access.conf console.apps group.conf pam_env.conf
chroot.conf console.perms limits.conf time.conf

Here is my console.perms

# /etc/security/console.perms
#
# This file determines the permissions that will be given to priviledged
# users of the console at login time, and the permissions to which to
# revert when the users log out.

# format is:
# <class>=list of regexps specifying consoles or globs specifying files
# file-glob|<class> perm dev-regex|<dev-class> \
# revert-mode revert-owner[.revert-group]
# the revert-mode, revert-owner, and revert-group are optional, and default
# to 0600, root, and root, respectively.
#
# For more information:
# man 5 console.perms

# file classes -- these are regular expressions
<console>=tty[0-9][0-9]* vc/[0-9][0-9]* :[0-9]\.[0-9] :[0-9]
<xconsole>=:[0-9]\.[0-9] :[0-9]

# device classes -- these are shell-style globs
<serial>=/dev/ttyS*
<floppy>=/dev/fd[0-1]* \
/dev/floppy/* /mnt/floppy*
<sound>=/dev/dsp* /dev/audio* /dev/midi* \
/dev/mixer* /dev/sequencer* \
/dev/sound/* /dev/snd/* /dev/beep \
/dev/admm* \
/dev/adsp* /dev/aload* /dev/amidi* /dev/dmfm* \
/dev/dmmidi* /dev/sndstat
<cdrom>=/dev/cdrom* /dev/rdvd /dev/ide/*/*/*/*/cd /dev/scsi/*/*/*/*/cd \
/dev/cdroms/* /dev/cdwriter* /mnt/cdrom*
<pilot>=/dev/pilot
<jaz>=/mnt/jaz*
<zip>=/mnt/pocketzip* /mnt/zip*
<ls120>=/dev/ls120 /mnt/ls120*
<scanner>=/dev/scanner /dev/usb/scanner*
<rio500>=/dev/usb/rio500
<camera>=/mnt/camera* /dev/usb/dc2xx* /dev/usb/mdc800*
<memstick>=/mnt/memstick*
<flash>=/mnt/flash*
<diskonkey>=/mnt/diskonkey*
<rem_ide>=/mnt/microdrive*
<fb>=/dev/fb /dev/fb[0-9]* \
/dev/fb/*
<kbd>=/dev/kbd
<joystick>=/dev/js[0-9]*
<v4l>=/dev/video* /dev/radio* /dev/winradio* /dev/vtx* /dev/vbi* \
/dev/video/* /dev/vttuner
<gpm>=/dev/gpmctl
<dri>=/dev/nvidia* /dev/3dfx*
<mainboard>=/dev/apm_bios
<burner>=/dev/scd* /dev/sg* /dev/pcd* /dev/pg* /dev/cdwriter /dev/scsi/*/*/*/*/generic
<usb>=/dev/usb/dabusb* /dev/usb/mdc800* /dev/usb/rio500 /dev/ttyUSB* \
/proc/usb/[0-9][0-9][0-9]/[0-9][0-9][0-9]

# permission definitions
<console> 0660 <serial> 0660 root.tty
<console> 0660 <floppy> 0660 root.floppy
<console> 0600 <sound> 0600 root.audio
<console> 0600 <cdrom> 0660 root.cdrom
<console> 0600 <pilot> 0660 root.uucp
<console> 0600 <jaz> 0660 root.disk
<console> 0600 <zip> 0660 root.disk
<console> 0600 <ls120> 0660 root.disk
<console> 0600 <scanner> 0600 root
<console> 0600 <camera> 0600 root
<console> 0600 <memstick> 0600 root
<console> 0600 <flash> 0600 root
<console> 0600 <diskonkey> 0660 root.disk
<console> 0600 <rem_ide> 0660 root.disk
<console> 0600 <fb> 0600 root
<console> 0600 <kbd> 0600 root
<console> 0600 <joystick> 0600 root
<console> 0600 <v4l> 0600 root.sys
<console> 0700 <gpm> 0700 root
<console> 0600 <mainboard> 0600 root
<console> 0660 <burner> 0660 root.cdrw
<console> 0600 <usb> 0660 root.usb
<console> 0600 <rio500> 0600 root

<xconsole> 0600 /dev/console 0600 root.root
<xconsole> 0600 <dri> 0600 root

Any idea?
 
Old 11-05-2004, 09:45 AM   #4
gomeje
LQ Newbie
 
Registered: Nov 2004
Posts: 2

Rep: Reputation: 0
I have de same problem

I have the same problem after the installation of gentoo linux.
Any one know how to solve it?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
pam config balajee Linux - Software 1 05-25-2005 01:07 PM
Unable to login anymore !! Is it x windows prems Linux - Newbie 2 03-01-2005 04:14 PM
PAM config for SAMBA Micah Linux - Networking 3 02-22-2004 02:59 AM
HELP!!, Can't login anymore because I screwed up network config ern_day Linux - Newbie 5 07-14-2003 02:16 AM
Unable to install RPM packages (a PAM issue - i think!) thebeardedladie Linux - Software 5 11-18-2002 07:46 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:49 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration