Hi Dave, as Casper Dik suggested in opensolaris-discuss@, you have misconfigured the system. I hoped man page is clear enough with EXAMPLES section... pam_list is not authentication but account module.
Best regards, Milam Dave Price píše v pá 30. 04. 2010 v 04:10 -0700: > Dear All, > > Having enabled pam_list in /etc/pam.conf I can then happily control who can > log on via ssh and that works fine. > > HOWEVER, once pam_list is included in /etc/pam.conf then console logins ALL > fail with messages > such as > > ******************************************************************************************** > Apr 30 11:32:55 phoenix login: [ID 825731 auth.error] dlsym failed > pam_sm_authenticate: error ld.so.1: login: fatal: pam_sm_authenticate: can't > find symbol > ******************************************************************************************** > > Google locates various other people reporting this sort of problem, but I > can't spot any obvious solutions. > > To provide a bit extra input, I tried running nm on a selection of pam > libraries. > > **************************************************************************************** > r...@phoenix:/var/log# nm /usr/lib/security/pam_dial_auth.so.1 | grep > pam_sm_authenticate > [58] | 2524| 1172|FUNC |GLOB |0 |12 |pam_sm_authenticate > r...@phoenix:/var/log# > *************************************************************************************** > > so that one has a pam_sm_authenticate symbol, HOWEVER > > ************************************************************************************** > r...@phoenix:/var/log# nm /usr/lib/security/pam_list.so.1 | grep > pam_sm_authenticate > r...@phoenix:/var/log# > ************************************************************************************** > > show it does indeed NOT have a pam_sm_authenticate > > So.... > > 1/. on the one, hand, is pam_list broken in some sense? > > 2/. alternatively, being pragmatic, can I do anything to stop > console logons trying to do whatever they do do that hits > this bug... > > As I say, pam_list is obviously NOT totally broken as after adding the > appropriate > line into /etc/pam.conf then it does do its job fine for ssh type logons, > allowing > in the users I want and blocking others.... > > Thanks, > Dave Price _______________________________________________ indiana-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/indiana-discuss
