Almost all pam modules shipped with RHEL 3 (U5) and RHEL 4 (U1)
have missing symbols (pam_get_item, pam_set_item,...).
Missing symbols cause pam library to fail when authentication is
performed into intermediate libs opened via dlopen by the caller program.
Missing symbols are defined in libpam that, usually, it is not linked by
This issue involves great part of the modules included in pam-*.rpm,
pam_krb5-*.rpm and may be more (for a complete list run ldd -r pam_module on the
To reproduce the problem:
1) create a shared library calling libpam auth functions.
2) create a program that uses the library created at the previous step using dlopen
3) run it.
I agree that this is a real problem and that it should be fixed.
Please enter this problem into the Support Issue Tracker so it can be properly
prioritized. Mention this bug report number in that entry.
This issue is on Red Hat Engineering's list of planned work items
for the upcoming Red Hat Enterprise Linux 3.8 release. Engineering
resources have been assigned and barring unforeseen circumstances, Red
Hat intends to include this item in the 3.8 release.
This is being fixed for modules from the basic pam package however other modules
such as pam_krb5 should be fixed as well. There should be new bug reports
against each package which contains such PAM modules.
What about RH 4?
The pam package is scheduled to be updated there as well if all goes well.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.