LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 08-12-2008, 04:43 PM   #1
Rinish
Member
 
Registered: Apr 2005
Location: Bangalore
Distribution: Redhat, CentOS, AIX
Posts: 93

Rep: Reputation: 15
User not able to login - PAM error


OS SuSE 9.0

Users except root not able to login to the server. When tried to login it throws error "Authentication Failure"

I see the following error in /var/log/messages:

Aug 12 16:26:16 machine -- MARK --
Aug 12 16:29:06 machine login[8245]: pam_unix2: Unknown option: `required'
Aug 12 16:29:06 machine login[8245]: pam_unix2: Unknown option: `/lib/security/pam_tally.so'
Aug 12 16:29:06 machine login[8245]: pam_unix2: Unknown option: `deny=5'
Aug 12 16:29:08 machine login[8245]: pam_unix2: Unknown option: `required'
Aug 12 16:29:08 machine login[8245]: pam_unix2: Unknown option: `/lib/security/pam_tally.so'
Aug 12 16:29:08 machine login[8245]: pam_unix2: Unknown option: `reset'
Aug 12 16:29:08 machine pam_tally[8245]: user unadm (1026) tally 62, deny 2
Aug 12 16:29:08 machine login[8245]: Authentication failure


Just to give a background:
This server was up and running for long time and is having SAP, DB2 installed and running. There was an issue with the SAN connected and hence the machine were brought down gracefully. Now after I fixed the SAN issue and when tried to start the machine I found this error.
I tried creating a new user and that user logs in successfully.
/lib/security/pam_tally.so is available in the machine.

/ Rinish (rinishriju)
 
Old 08-12-2008, 05:20 PM   #2
Rinish
Member
 
Registered: Apr 2005
Location: Bangalore
Distribution: Redhat, CentOS, AIX
Posts: 93

Original Poster
Rep: Reputation: 15
Here are some more updates...

As I mentioned earlier.. I am able to login as root, from there, I am able to do su - localuser. But after that I am not able to change "localuser"'s password. when try to change password it gives the following error:

Changing password for localuser.
Old Password:
New password:
Re-enter new password:
Can't open /etc/security/opasswd: Permission denied
Canot lock password file: already locked
Error: Password NOT changed
Canot lock password file: already locked
Error: Password NOT changed
passwd: Authentication token lock busy

Last edited by Rinish; 08-12-2008 at 05:50 PM. Reason: better log than earlier
 
Old 08-13-2008, 09:03 AM   #3
timmeke
Senior Member
 
Registered: Nov 2005
Location: Belgium
Distribution: Red Hat, Fedora
Posts: 1,515

Rep: Reputation: 61
The problem in PAM doesn't seem to be pam_tally.so. Rather, it's the use of pam_unix2.
Furthermore, it seems that the PAM config file is incorrectly parsed. It tries to see the word "required"
as an option to pam_unix2, whereas "required" more likely should indicate that authentication through pam_tally.so
is required.

Perhaps you could look for incorrect line termination at the end of the pam_unix2 line in the PAM config
or a syntax problem at the start of the pam_tally.so line?

The Pam config files are probably in /etc/pam.d or /etc/security or something similar.
You could verify the contents of /etc/security/pam_unix2.conf, the general pam_unix2 config too.

Could you check the file permissions of /etc/security/opasswd (or post the output of ls -l /etc/security/opasswd)?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
error in login as user abhinavpurwar Fedora 4 09-30-2006 08:08 AM
Two problem about "using pam to limit user login" coolend Linux - General 3 06-04-2004 01:11 PM
VSFTPD virtual user login using pam.d problem exalik Linux - Networking 3 11-07-2003 04:29 PM
PAM set a no user login policy varoquau Linux - Security 2 10-28-2003 06:37 AM
PAM User Login Authentication Failure robeb Linux - Security 5 11-16-2002 08:01 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 12:39 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration