Description of problem: Version-Release number of selected component (if applicable): pam-0.75-67 How reproducible: always Logwatch says: ay 3 00:01:02 r2d2 crond[9016]: PAM unable to dlopen(/lib/security/pam_krb5.so) May 3 00:01:02 r2d2 crond[9016]: PAM [dlerror: /lib/security/pam_krb5.so: cannot open shared object file: No such file or directory] This message is logged hourly
This is most probably a misconfiguration. What is contents of your /etc/pam.d/system-auth file and what says rpm -q pam_krb5?
[root@r2d2 index]# rpm -q pam_krb5 package pam_krb5 is not installed /etc/pam.d/system-auth: #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth required /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_unix.so password required /lib/security/$ISA/pam_cracklib.so retry=3 type= password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow password required /lib/security/$ISA/pam_deny.so session required /lib/security/$ISA/pam_limits.so session required /lib/security/$ISA/pam_unix.so
hmm, then what about /etc/pam.d/crond ?
/etc/pam.d/crond: [root@r2d2 index]# cat /etc/pam.d/crond # # The PAM configuration file for the cron daemon # # auth sufficient pam_rootok.so auth required pam_stack.so service=system-auth auth required pam_env.so account required pam_stack.so service=system-auth session required pam_limits.so session optional pam_krb5.so ok, here ist is... [root@r2d2 index]# rpm -qvf /etc/pam.d/crond vixie-cron-4.1-10.EL3 so it is a bug in vixie-cron, right? If yes, do I have to open a new bug?
This issue has been resolved with vixie-cron-4.1-11.EL3, so you can either upgrade to this package or remove the line "session optional pam_krb5.so" from your /etc/pam.d/crond file.
where can I get that update? I just ran up2date -u, but it is still vixie-cron-4.1-10.EL3
It was released through the optional FastTrack channel, so you need to make sure your system is registered there (up2date --nox --show-channels)