Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
04-30-2007, 02:48 PM
|
#1
|
Member
Registered: May 2004
Distribution: Gentoo, Debian, OpenBSD, NetBSD
Posts: 158
Rep:
|
PAM install mess
I recently bought a thinkpad x60 and wanted to use the pam fingerprint module... so I compiled and installed the latest version of PAM...
This totally screwed my system, the default "make install". First, the lines "@include" in the PAM configuration files in the /etc/pam.d folder do not work. Those lines don't include anything, they're just silently ignored which locked me out of the system right after doing make install.
Went into single user mode, figured out finally that that was the problem, removed those lines and added default ones. Now I can login.
Then I find that it installed this unix_chkpwd program for helping it check shadowed passwords without the setuid bit, so some other things weren't working.
Now "sudo" as well as "sshd" do not work. I have no idea why. I've added files for them in pam.d, I've recompiled and reinstalled both enabled with PAM.
*****
With sudo, I'm getting "sudo: pam_unix(sudo:auth): authentication failure; logname=peterius uid=0 euid=0 tty=tty2 ruser= rhost= user=peterius"
This is in the auth.log. I tried adding the "debug" and "audit" after "pam_unix.so" in the configuration files but apparently this doesn't do anything.
I also cannot find a single pam_unix auth entry in any log file that was successful. I'm thinking that its still not reading the passwords file correctly but login and su are getting their authentication fix from somewhere else and circumventing PAM's brokenness.
*****
I assumed that PAM would simply provide a pluggable module security interface to programs that requested it through a set of libraries. I am greatly disturbed that it seems unable to legitimately authenticate anything. I thought that installing this would allow versatility in authentication that defaulted to what it was before but instead it just broke everything. I should have just thrown mud at my laptop. It would have been a lot easier.
*****
Any help in fixing this would be greatly appreciated...
|
|
|
04-30-2007, 05:43 PM
|
#2
|
Member
Registered: May 2004
Distribution: Gentoo, Debian, OpenBSD, NetBSD
Posts: 158
Original Poster
Rep:
|
nevermind
Nevermind. I'm just perfectionistic, impatient, and angry. I think I fixed it all.
|
|
|
All times are GMT -5. The time now is 10:15 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|