You are not logged in.
- Topics: Active | Unanswered
#1 2013-05-25 12:07:10
- shawnjgoff
- Member
- Registered: 2010-07-04
- Posts: 14
etc/pam.d/login is different - okay to replace with original?
I found an error in my journal:
May 25 07:33:49 shawntatious login[3006]: PAM unable to dlopen(/usr/lib/security/pam_ck_connector.so): /usr/lib/security/pam_ck_connector.so: cannot open shared object file: No such file or directoryThat led me to look through my pam configuration. I found that for some reason, pam_ck_connector.so was still in the /etc/pam.d/login config. I removed the line, but I wanted to see what else might be leftovers. I thought I'd try reinstalling util-linux since it owns that file, then I'd be able to look at the .pacnew; it doesn't create a .pacnew file, and it doesn't change the file at all.
So, I have a large number of differences between the files, and I'm wondering if it's safe just to clobber it with the version that's currently in util-linux.
Offline
#2 2013-05-25 12:20:12
- Spider.007
- Member
- Registered: 2004-06-20
- Posts: 1,175
Re: etc/pam.d/login is different - okay to replace with original?
I can reproduce this by adding a bogus line; re-installing util-linux doesn't create a .pacnew file. I assume this is caused by the file being in the backup array, and no actual upgrade is being done. The only solution seems to be to remove the file and re-install util-linux; this will reset the file to what's in the package
Last edited by Spider.007 (2013-05-25 12:20:28)
Offline
#3 2013-05-25 12:27:51
- shawnjgoff
- Member
- Registered: 2010-07-04
- Posts: 14
Re: etc/pam.d/login is different - okay to replace with original?
Upon looking further, I saw that the new login includes other files, and those files had much of what seemed to be missing, but there are still a few lines that weren't there:
account required pam_time.so
account required pam_unix.so
session required pam_limits.so
session optional pam_lastlog.soOffline
#4 2013-05-27 22:57:50
- cfr
- Member
- From: Cymru
- Registered: 2011-11-27
- Posts: 7,148
Re: etc/pam.d/login is different - okay to replace with original?
I checked and at least the first three of those are included via system--auth. Since I don't really want the system to lock out inactive accounts, I'd just as soon it didn't use pam_lastlog.so.
CLI Paste | How To Ask Questions
Arch Linux | x86_64 | GPT | EFI boot | refind | stub loader | systemd | LVM2 on LUKS
Lenovo x270 | Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz | Intel Wireless 8265/8275 | US keyboard w/ Euro | 512G NVMe INTEL SSDPEKKF512G7L
Offline