Bug 174321 - Console login impossible
Console login impossible
Status: CLOSED CANTFIX
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: pam (Show other bugs)
4.0
i386 Linux
medium Severity high
: ---
: ---
Assigned To: Tomas Mraz
Jay Turner
none
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-11-27 16:31 EST by Iradj Atchatchloui
Modified: 2015-01-07 19:11 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-08-07 11:26:45 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Iradj Atchatchloui 2005-11-27 16:31:13 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; X11; Linux i686) Opera 7.23  [en]

Description of problem:
o Updated ES 4.0 --> ES 4.0 Up2
- everything has been gone OK, Exept console
o Procedure:
- from GUI -> Ctrl+Alt+F1 (- F6)
- <host> login:         --> login as a user or root.
This returns me to "<host> login:" with "Modul is unknown". This appears for a 
second, I'm again in login prompt:
<host> login:

I don't know what has been occoured during that update!


Version-Release number of selected component (if applicable):
rpm-4.3.3-7 kernel-2.6.9-5.EL

How reproducible:
Didn't try

Steps to Reproduce:
See Description
  

Actual Results:  Same as Description

Expected Results:  This problem should not occure

Additional info:
Comment 1 Petr Rockai 2005-11-28 04:08:59 EST
Hello, i don't think the problem is with console-tools, more probably pam  
(or authentication, generally). Could you please look what is written 
in /var/log/messages and /var/log/secure and provide us with these logs? It 
will help us diagnose your problem. 
Comment 2 Iradj Atchatchloui 2005-11-28 06:05:12 EST
(In reply to comment #1)
> Hello, i don't think the problem is with console-tools, more probably pam  
> (or authentication, generally). Could you please look what is written 
> in /var/log/messages and /var/log/secure and provide us with these logs? It 
> will help us diagnose your problem. 


You're right, here are the lines from messages and secure:
/var/log/messages:
Nov 28 11:32:19 <host> login(pam_unix)[3209]: session opened for user root by 
(uid=0)
Nov 28 11:32:19 <host> login[3209]: Module is unknown
Nov 28 11:32:19 <host> init: open(/dev/pts/0): No such file or directory
Nov 28 11:34:29 <host> kernel: inode_doinit_with_dentry:  
context_to_sid(system_u:object_r:winbind_helper_exec_t) returned 22 for dev=hda5 
ino=164365

/var/log/secure:
Nov 28 11:35:24 <host> login: PAM unable to dlopen(/lib/security/pam_loginuid.
so)
Nov 28 11:35:24 <host> login: PAM [dlerror: /lib/security/pam_loginuid.so: 
cannot open shared object file: No such file or directory]
Nov 28 11:35:24 <host> login: PAM adding faulty module: 
/lib/security/pam_loginuid.so
#
# ls -l /lib/security/pam_loginuid.so
ls: /lib/security/pam_loginuid.so: No such file or directory


Tried to update pam RPM, it says:
# rpm -Uhv pam-0.77-66.11.i386.rpm
warning: pam-0.77-66.11.i386.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing...                ########################################### [100%]
error: %pre(pam-0.77-66.11.i386) scriptlet failed, exit status 255
error:   install: %pre scriptlet failed (2), skipping pam-0.77-66.11
#
Comment 3 Tomas Mraz 2005-11-28 06:59:37 EST
There is most probably some breakage on your system - the %pre scriptlet
shouldn't fail as it is very simple and doesn't use any special binaries.

Here it is:
if [ -f %{_sysconfdir}/pam.d/other ] ; then
        USEMD5=
        if [ -f /etc/sysconfig/authconfig ] ; then
                . /etc/sysconfig/authconfig
        fi
        if [ -z "$USEMD5" ] ; then
                if [ -f /etc/shadow ] ; then
                        passwdfiles="/etc/passwd /etc/shadow"
                else
                        passwdfiles="/etc/passwd"
                fi
                if cut -f2 -d: $passwdfiles | grep -q '^\$1\$' ; then
                        echo USEMD5=yes >> /etc/sysconfig/authconfig
                        USEMD5=yes
                else
                        echo USEMD5=no  >> /etc/sysconfig/authconfig
                        USEMD5=no
                fi
        fi
fi
exit 0

Could you try to run it from command line to see what happens?

You could remove the pam_loginuid.so from the /etc/pam.d/login however the real
problem is why the pam %pre scriptlet fails.
Comment 4 Iradj Atchatchloui 2005-11-28 10:08:48 EST
(In reply to comment #3)
> There is most probably some breakage on your system - the %pre scriptlet
> shouldn't fail as it is very simple and doesn't use any special binaries.
> 
> Here it is:
> if [ -f %{_sysconfdir}/pam.d/other ] ; then
>         USEMD5=
>         if [ -f /etc/sysconfig/authconfig ] ; then
>                 . /etc/sysconfig/authconfig
>         fi
>         if [ -z "$USEMD5" ] ; then
>                 if [ -f /etc/shadow ] ; then
>                         passwdfiles="/etc/passwd /etc/shadow"
>                 else
>                         passwdfiles="/etc/passwd"
>                 fi
>                 if cut -f2 -d: $passwdfiles | grep -q '^\$1\$' ; then
>                         echo USEMD5=yes >> /etc/sysconfig/authconfig
>                         USEMD5=yes
>                 else
>                         echo USEMD5=no  >> /etc/sysconfig/authconfig
>                         USEMD5=no
>                 fi
>         fi
> fi
> exit 0
> 
> Could you try to run it from command line to see what happens?
> 
> You could remove the pam_loginuid.so from the /etc/pam.d/login however the 
real
> problem is why the pam %pre scriptlet fails.
> 

o ran the "%pre scriptlet" on command line. This does not fail
o Removing the the pam_loginuid.so entry solved the problem -> console logging 
is now is possiblea
o This entry exist in ohter Systems, even though the consol loggin is no problem
o I could not find any trace of breakage on my this system!
o Still I get the failure on installing pam rpm:
- ran the script you
# rpm -Uhv pam-0.77-66.11.i386.rpm
warning: pam-0.77-66.11.i386.rpm: V3 DSA signature: NOKEY, key ID db42a60e
Preparing...                ########################################### [100%]
error: %pre(pam-0.77-66.11.i386) scriptlet failed, exit status 255
error:   install: %pre scriptlet failed (2), skipping pam-0.77-66.11
#
Comment 5 Tomas Mraz 2005-11-28 12:13:52 EST
Do you have SELinux on in enforcing mode. Have you tried relabelling the system?
Comment 6 Iradj Atchatchloui 2005-11-28 14:47:43 EST
(In reply to comment #5)
> Do you have SELinux on in enforcing mode. Have you tried relabelling the 
system?
> 
o Yes, SELinux is on enforcing Mode
o No, I did not relabeled the System. I'm not really sure, if the system will 
get a problem after relabeling or not.
Comment 7 Tomas Mraz 2005-11-28 15:13:18 EST
Could you please use the support issue tracker to report the bug? You would get
more proper attention and timely responses there.

When you report it, mention this bug number there.
Comment 8 Iradj Atchatchloui 2005-11-30 05:56:23 EST
(In reply to comment #7)
> Could you please use the support issue tracker to report the bug? You would 
get
> more proper attention and timely responses there.
> 
> When you report it, mention this bug number there.
> 
I'm in vacation, I'll be able do the support issue tracker to report the bug 
after my vacation.
It seems there are some other config things are affected too:
# useradd abc
useradd: cannot rewrite password file
#

Comment 9 Tomas Mraz 2006-08-07 11:26:45 EDT
Since there are insufficient details provided in this report for us to
investigate the issue further, and we have not received the feedback we
requested, we will assume the problem was not reproduceable or has been fixed in
a later update for this product.

Users who have experienced this problem are encouraged to upgrade to the latest
update release, and if this issue is still reproduceable, please contact the Red
Hat Global Support Services page on our website for technical support options:
https://www.redhat.com/support

If you have a telephone based support contract, you may contact Red Hat at
1-888-GO-REDHAT for technical support for the problem you are experiencing. 

Note You need to log in before you can comment on or make changes to this bug.