Hello, On Fri, Apr 11, 2008 at 09:57:40AM +0200, [EMAIL PROTECTED] wrote: > Nicolas François wrote: >> >> Could you also test if the bug is fixed in the new version 1:4.1.1-1? > > No it's not fixed in 1:4.1.1-1.
Thanks for checking. > With SYSLOG_SU_ENAB set to yes and the SULOG_FILE defined, nothing gets > written to the file : the segfault occurs before. When deactivating the > pkcs11 stuff, I've checked that this file gets correctly written to when > using su. Commenting the SULOG_FILE line might fix this bug. Could you check this? If it still fails, could you check disabling SYSLOG_SU_ENAB? > /var/log/auth.log contains : > > --- CUT --- > Apr 11 09:49:19 houlala pam_p11[17848]: fatal: pkcs11_sign failed > Apr 11 09:49:19 houlala pam_p11[17848]: pam_authenticate: Authentication > service cannot retrieve authentication info > --- CUT --- Are there also some lines related to su? I'm looking for messages like: su[...]: FAILED su for foo by bar and su[...]: pam_authenticate: Authentication service cannot retrieve authentication info My idea is that su could not guess the tty name, and this fails in sulog. I hope to be able to reproduce it with another module, and will try to come with a solution next week. Best Regards, -- Nekral
