Fedora Account System
Red Hat Associate
Red Hat Customer
When i run dnf upgrade I get the following errors in my logs. Mär 31 15:44:35 terence (systemd-stdio-bridge)[26220]: PAM unable to dlopen(/usr/lib64/security/pam_lastlog2.so): /usr/lib64/security/pam_lastlog2.so: undefined symbol: pam_syslog Mär 31 15:44:35 terence (systemd-stdio-bridge)[26221]: PAM unable to dlopen(/usr/lib64/security/pam_lastlog2.so): /usr/lib64/security/pam_lastlog2.so: undefined symbol: pam_syslog Mär 31 15:44:35 terence (systemd-stdio-bridge)[26220]: PAM adding faulty module: /usr/lib64/security/pam_lastlog2.so Mär 31 15:44:35 terence (systemd-stdio-bridge)[26221]: PAM adding faulty module: /usr/lib64/security/pam_lastlog2.so Mär 31 15:44:35 terence (systemd-stdio-bridge)[26224]: PAM unable to dlopen(/usr/lib64/security/pam_lastlog2.so): /usr/lib64/security/pam_lastlog2.so: undefined symbol: pam_syslog Mär 31 15:44:35 terence (systemd-stdio-bridge)[26224]: PAM adding faulty module: /usr/lib64/security/pam_lastlog2.so Mär 31 15:44:35 terence (systemd-stdio-bridge)[26223]: PAM unable to dlopen(/usr/lib64/security/pam_lastlog2.so): /usr/lib64/security/pam_lastlog2.so: undefined symbol: pam_syslog Mär 31 15:44:35 terence (systemd-stdio-bridge)[26223]: PAM adding faulty module: /usr/lib64/security/pam_lastlog2.so I didn’t find anything suspicious. │ File: /etc/authselect/postlogin 1 │ # Generated by authselect 2 │ # Do not modify this file manually, use authselect instead. Any user changes will be overwritten. 3 │ # You can stop authselect from managing your configuration by calling 'authselect opt-out'. 4 │ # See authselect(8) for more details. 5 │ 6 │ 7 │ 8 │ session optional pam_umask.so silent 9 │ session [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet 10 │ session [default=1] pam_lastlog2.so silent 11 │ session optional pam_lastlog2.so silent > authselect current Profile ID: local Enabled features: - with-silent-lastlog - with-fingerprint - with-mdns4 Reproducible: Always
Not sure, but it seems like I can't reproduce the problem anymore since I reapplied the current profile with sudo authselect apply-changes
I didn't notice the error in my last 2 upgrades either. However, today I got it when I run "systemctl --user --machine=webdav@host restart webdav" also with start/stop, but not when running status.
Just upgraded from Fedora 43 to Fedora 44 and hit this issue. # authselect current Profile ID: sssd Enabled features: - without-nullok - with-mdns4 # rpm -qf /usr/lib64/security/pam_lastlog2.so liblastlog2-2.41.4-7.fc44.x86_64 # ldd /usr/lib64/security/pam_lastlog2.so linux-vdso.so.1 (0x00007f9e863c5000) liblastlog2.so.2 => /lib64/liblastlog2.so.2 (0x00007f9e86393000) libsqlite3.so.0 => /lib64/libsqlite3.so.0 (0x00007f9e86207000) libc.so.6 => /lib64/libc.so.6 (0x00007f9e8600c000) libm.so.6 => /lib64/libm.so.6 (0x00007f9e85ef5000) /lib64/ld-linux-x86-64.so.2 (0x00007f9e863c7000) # nm -D /usr/lib64/security/pam_lastlog2.so | grep pam_syslog U pam_syslog so indeed, the symbol is unknown.
# ldd -r /usr/lib64/security/pam_lastlog2.so linux-vdso.so.1 (0x00007fb622fcd000) liblastlog2.so.2 => /lib64/liblastlog2.so.2 (0x00007fb622f9b000) libsqlite3.so.0 => /lib64/libsqlite3.so.0 (0x00007fb622e0f000) libc.so.6 => /lib64/libc.so.6 (0x00007fb622c14000) libm.so.6 => /lib64/libm.so.6 (0x00007fb622afd000) /lib64/ld-linux-x86-64.so.2 (0x00007fb622fcf000) undefined symbol: pam_syslog (/usr/lib64/security/pam_lastlog2.so) undefined symbol: pam_getenv (/usr/lib64/security/pam_lastlog2.so) undefined symbol: pam_get_item (/usr/lib64/security/pam_lastlog2.so) undefined symbol: pam_modutil_getpwnam (/usr/lib64/security/pam_lastlog2.so) undefined symbol: pam_prompt (/usr/lib64/security/pam_lastlog2.so) looks like there are several undefined symbols.
# readelf -d /usr/lib64/security/pam_lastlog2.so | grep NEEDED 0x0000000000000001 (NEEDED) Shared library: [liblastlog2.so.2] 0x0000000000000001 (NEEDED) Shared library: [libsqlite3.so.0] 0x0000000000000001 (NEEDED) Shared library: [libc.so.6] looks like a missing linking of libpam.so
(In reply to Sandro Bonazzola from comment #5) > looks like a missing linking of libpam.so yes, but not the library. The program loading a pam module should have libpam.so loaded. This seems to be not the case in f44, maybe it's dlopened instead? # ldd /usr/sbin/systemd-stdio-bridge linux-vdso.so.1 (0x00007ff762550000) libsystemd-shared-259.5-1.fc44.so => /usr/lib64/systemd/libsystemd-shared-259.5-1.fc44.so (0x00007ff761e00000) libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x00007ff7624ef000) libc.so.6 => /lib64/libc.so.6 (0x00007ff761c05000) libcrypt.so.2 => /lib64/libcrypt.so.2 (0x00007ff7624b9000) libcrypto.so.3 => /lib64/libcrypto.so.3 (0x00007ff761600000) libm.so.6 => /lib64/libm.so.6 (0x00007ff7623a0000) /lib64/ld-linux-x86-64.so.2 (0x00007ff762552000) libz.so.1 => /lib64/libz.so.1 (0x00007ff762376000) here is f43: ldd /usr/sbin/systemd-stdio-bridge linux-vdso.so.1 (0x00007f0982027000) libsystemd-shared-258.7-1.fc43.so => /usr/lib64/systemd/libsystemd-shared-258.7-1.fc43.so (0x00007f0981a00000) libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x00007f0981fd9000) libc.so.6 => /lib64/libc.so.6 (0x00007f098180d000) libacl.so.1 => /lib64/libacl.so.1 (0x00007f0981fcf000) libaudit.so.1 => /lib64/libaudit.so.1 (0x00007f0981f96000) libblkid.so.1 => /lib64/libblkid.so.1 (0x00007f0981f5a000) libcap.so.2 => /lib64/libcap.so.2 (0x00007f0981f4e000) libcrypt.so.2 => /lib64/libcrypt.so.2 (0x00007f0981f19000) libmount.so.1 => /lib64/libmount.so.1 (0x00007f09817b8000) libcrypto.so.3 => /lib64/libcrypto.so.3 (0x00007f0981200000) libpam.so.0 => /lib64/libpam.so.0 (0x00007f0981f08000) libseccomp.so.2 => /lib64/libseccomp.so.2 (0x00007f0981eda000) libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f0981787000) libm.so.6 => /lib64/libm.so.6 (0x00007f098110b000) /lib64/ld-linux-x86-64.so.2 (0x00007f0982029000) libattr.so.1 => /lib64/libattr.so.1 (0x00007f0981780000) libcap-ng.so.0 => /lib64/libcap-ng.so.0 (0x00007f0981778000) libz.so.1 => /lib64/libz.so.1 (0x00007f098174e000) libeconf.so.0 => /lib64/libeconf.so.0 (0x00007f0981741000) libpcre2-8.so.0 => /lib64/libpcre2-8.so.0 (0x00007f098105e000) looks like a systemd issue...
yeah, pam_lastlog2 must to be linked with libpam.so same issue on f43 (undefined symbols) but it does not matter there because systemd-* programs are also linked to libpam.so, this is no longer the case in f44.
> looks like a systemd issue... That sounds backwards. A library should link with whatever it needs. It is not the one linking to a library that should provide the symbol it needs. The one linking shouldn't even have to know what the library needs.
Not sure if this is related, but since this is happening, I have no longer the logout/terminate session option in Gnome Shell.
Raising severity due to functionality loss.
*** Bug 2468510 has been marked as a duplicate of this bug. ***
Sorry for the delay. https://github.com/util-linux/util-linux/pull/4358 should fix it. I'll backport it to Fedora ASAP.
FEDORA-2026-f687515f45 (util-linux-2.42.1-2.fc45) has been submitted as an update to Fedora 45. https://bodhi.fedoraproject.org/updates/FEDORA-2026-f687515f45
FEDORA-2026-f687515f45 (util-linux-2.42.1-2.fc45) has been pushed to the Fedora 45 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2026-e8181c67ff (util-linux-2.41.4-8.fc44) has been submitted as an update to Fedora 44. https://bodhi.fedoraproject.org/updates/FEDORA-2026-e8181c67ff
FEDORA-2026-e8181c67ff has been pushed to the Fedora 44 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2026-e8181c67ff` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2026-e8181c67ff See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2026-e8181c67ff (util-linux-2.41.4-8.fc44) has been pushed to the Fedora 44 stable repository. If problem still persists, please make note of it in this bug report.