LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 04-30-2007, 02:48 PM   #1
Peterius
Member
 
Registered: May 2004
Distribution: Gentoo, Debian, OpenBSD, NetBSD
Posts: 158

Rep: Reputation: 16
Angry PAM install mess


I recently bought a thinkpad x60 and wanted to use the pam fingerprint module... so I compiled and installed the latest version of PAM...

This totally screwed my system, the default "make install". First, the lines "@include" in the PAM configuration files in the /etc/pam.d folder do not work. Those lines don't include anything, they're just silently ignored which locked me out of the system right after doing make install.

Went into single user mode, figured out finally that that was the problem, removed those lines and added default ones. Now I can login.

Then I find that it installed this unix_chkpwd program for helping it check shadowed passwords without the setuid bit, so some other things weren't working.

Now "sudo" as well as "sshd" do not work. I have no idea why. I've added files for them in pam.d, I've recompiled and reinstalled both enabled with PAM.

*****

With sudo, I'm getting "sudo: pam_unix(sudo:auth): authentication failure; logname=peterius uid=0 euid=0 tty=tty2 ruser= rhost= user=peterius"

This is in the auth.log. I tried adding the "debug" and "audit" after "pam_unix.so" in the configuration files but apparently this doesn't do anything.

I also cannot find a single pam_unix auth entry in any log file that was successful. I'm thinking that its still not reading the passwords file correctly but login and su are getting their authentication fix from somewhere else and circumventing PAM's brokenness.

*****

I assumed that PAM would simply provide a pluggable module security interface to programs that requested it through a set of libraries. I am greatly disturbed that it seems unable to legitimately authenticate anything. I thought that installing this would allow versatility in authentication that defaulted to what it was before but instead it just broke everything. I should have just thrown mud at my laptop. It would have been a lot easier.

*****

Any help in fixing this would be greatly appreciated...
 
Old 04-30-2007, 05:43 PM   #2
Peterius
Member
 
Registered: May 2004
Distribution: Gentoo, Debian, OpenBSD, NetBSD
Posts: 158

Original Poster
Rep: Reputation: 16
nevermind

Nevermind. I'm just perfectionistic, impatient, and angry. I think I fixed it all.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Since Mozilla Project Is Now Closed - Can I Un-Install It - Or Will That Mess Me Up? Old_Fogie Slackware 7 04-30-2006 05:08 PM
New PPC install ... monitor mess. bcalder01 Debian 3 09-17-2005 07:19 PM
Display Driver Install Mess Up trager Linux - Newbie 6 12-06-2004 05:12 AM
vsftpd + pam + virtual users - Pam cannot load database file. mdkelly069 Linux - Networking 3 09-23-2004 12:07 AM
Unable to install RPM packages (a PAM issue - i think!) thebeardedladie Linux - Software 5 11-18-2002 07:46 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:15 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration