Bug 180943 – Cannot login on system's console

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 180943 - Cannot login on system's console

Summary:	Cannot login on system's console

Status:	CLOSED NOTABUG

Aliases:	None

Product:	Red Hat Enterprise Linux 4
Classification:	Red Hat
Component:	pam (Show other bugs)
Sub Component:
Version:	4.0
Hardware:	x86_64 Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Tomas Mraz
QA Contact:	Jay Turner
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2006-02-10 12:20 EST by Jason Martens
Modified:	2015-01-07 19:11 EST (History)
CC List:	1 user (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2006-02-13 10:24:50 EST
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Jason Martens 2006-02-10 12:20:16 EST

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8) Gecko/20051224 Debian/1.5.dfsg-3 Firefox/1.5

Description of problem:
When attempting to log in to the system's console, I get the following error messages:

Feb 10 04:31:46 hostname login: PAM unable to resolve symbol: pam_sm_authenticate
Feb 10 04:31:46 hostname login: PAM unable to resolve symbol: pam_sm_setcred
Feb 10 04:31:53 hostname login: FAILED LOGIN SESSION FROM (null) FOR root, Module is unknown

This only happens from the console. I am able to log in via ssh without a problem using publickey and username/password.

Version-Release number of selected component (if applicable):
pam-0.77-66.13

How reproducible:
Always

Steps to Reproduce:
1. Attempt to login to the console as root.

Actual Results:  I receive the error messages listed and the hostname login: prompt returns.

Expected Results:  I should have been authenticated.

Additional info:

I disabled the RPC services on this system, but I tried manually starting them, and it had no effect.

Comment 1 Tomas Mraz 2006-02-13 02:39:54 EST

What contains /etc/pam.d/login and /etc/pam.d/system-auth?

Comment 2 Jason Martens 2006-02-13 10:12:13 EST

[root@server ~]# cat /etc/pam.d/login
#%PAM-1.0
auth       required     pam_securetty.so
auth       required     pam_stack.so service=system-auth
auth       required     pam_nologin.so
auth       required     pam_limits.so
account    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth
# pam_selinux.so close should be the first session rule
session    required     pam_selinux.so close
session    required     pam_stack.so service=system-auth
session    required     pam_loginuid.so
session    optional     pam_console.so
# pam_selinux.so open should be the last session rule
session    required     pam_selinux.so multiple open
[root@server ~]# cat /etc/pam.d/system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so

account     required      /lib/security/$ISA/pam_unix.so
account     sufficient    /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account     required      /lib/security/$ISA/pam_permit.so

password    requisite     /lib/security/$ISA/pam_cracklib.so retry=3
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok md5
shadow
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so


Note, selinux is in warn mode only.

Comment 3 Tomas Mraz 2006-02-13 10:24:50 EST

This is misconfiguration, pam_limits.so cannot be used in auth phase.

Comment 4 Jason Martens 2006-02-13 11:35:56 EST

Hmm, ok. After removing pam_limits.so from /etc/pam.d/login, I was able to log
in again.  I guess the question is just how it got there in the first place, as
I'm pretty sure I did not put it there myself.  For future reference, the only
non-redhat thing that I've installed is Oracle 10g.  Maybe that added it at some
point.

Note You need to log in before you can comment on or make changes to this bug.