Bug 152061 - pam_succeed_if PAM module sending "authpriv" syslog messages even if "debug" not specified.
pam_succeed_if PAM module sending "authpriv" syslog messages even if "debug" ...
Status: CLOSED DUPLICATE of bug 124979
Product: Fedora
Classification: Fedora
Component: pam (Show other bugs)
2
All Linux
medium Severity low
: ---
: ---
Assigned To: Tomas Mraz
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-03-24 12:41 EST by Wayne Pollock
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-03-24 13:04:41 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Wayne Pollock 2005-03-24 12:41:55 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.7.6) Gecko/20050317 Firefox/1.0.2

Description of problem:
This PAM module is used in the default "system-auth" PAM configuration
file.  Every login attempt gets logged with this module as
a "authpriv" event, priority unknown.  However this is the behavior
expected if the "debug" module argument was used, not if it is omitted.
There doesn't seem to be any way to stop this module from reporting these
events!

Version-Release number of selected component (if applicable):
pam-0.77-40

How reproducible:
Always

Steps to Reproduce:
1. log in as a non-system account (UID > 100)
2. Examine /var/log/secure and observe log message

  

Actual Results:  Mar 24 13:19:11 cws sshd[22657]: pam_succeed_if: requirement "uid < 100" not met by user "wpollock"


Expected Results:  No log message, as the "debug" argument is not passed to the module

Additional info:

/etc/pam.d/system-auth line:

account     sufficient    /lib/security/$ISA/pam_succeed_if.so uid < 100
Comment 1 Tomas Mraz 2005-03-24 13:04:41 EST
This doesn't have anything with the debug parameter. This syslog message can be
useful not only for debugging however in other cases (like this usage in the
default system-auth) it's superfluous. This is fixed in current FC3 pam.


*** This bug has been marked as a duplicate of 124979 ***

Note You need to log in before you can comment on or make changes to this bug.