Red Hat Bugzilla – Bug 505266
PAM unable to dlopen(/lib64/security/pam_fprintd.so)
Last modified: 2013-07-18 13:44:49 EDT
Description of problem:
/var/log/secure has lots of messages like this one:
"Jun 10 23:33:37 hermes su: PAM unable to dlopen(/lib64/security/pam_fprintd.so): /lib64/security/pam_fprintd.so: cannot open shared object file: No such file or directory
Jun 10 23:33:37 hermes su: PAM adding faulty module: /lib64/security/pam_fprintd.so
Jun 10 23:33:41 hermes su: pam_unix(su-l:session): session opened for user root by ciupicri(uid=500)"
Version-Release number of selected component (if applicable):
coreutils-7.2-1.fc11.x86_64.rpm (the package for su)
Steps to Reproduce:
1. $ exec su -
PAM errors in /var/log/secure
no PAM errors in /var/log/secure
I haven't changed any PAM configuration, or any other authentication/authorization setting. I'm using the default settings.
In spite of those errors su is running fine. I haven't noticed any problems yet.
This is certainly not a bug in PAM.
Either disable Fingerprint authentication in the system-config-authentication dialog or install fprintd-pam package.
This seems to be a bug somewhere, but not necessarily related to the package.
/var/log/secure reports a problem of a faulty PAM module (/lib64/security/pam_fprintd.so). This is a link, which points to "pam_fprintd.so.0.0.0".
The rpm package, however, does include the actual pam-module. Reinstalling the single package solves the problem.
(In reply to comment #2)
> /var/log/secure reports a problem of a faulty PAM module
> (/lib64/security/pam_fprintd.so). This is a link, which points to
$ ls /lib64/security/pam_fprintd*
ls: cannot access /lib64/security/pam_fprintd*: No such file or directory
This is a bug in pam.
- I do not have a fingerprint reader.
- I do not have fprintd-pam package installed.
pam package contains config files that reference files provided by fprintd-pam. That is broken.
This is a minimal install without X libs or gtk; I cannot install system-config-authentication.
No, it is not. PAM contains only one file referencing the pam_fprintd - /etc/pam.d/fingerprint-auth, but this file is not used on system without gdm. Anaconda probably called authconfig (command line utility which does not need X or gtk) to configure pam_fprintd to system-auth.
Hmmm. I did a minimal text install (i.e. linux text in installer boot prompt). Default text install (no GDM, no X) ended up with pam configured to use fprint. I assume that would be an anaconda bug then?
I have also seen this exact same problem in the same circumstances. Minimum text install for my home server and get the /lib64/security/pam_fprintd.so in /var/log/secure with no manual config changes.
I've just tried running authconfig --disablefingerprint --update and this has removed the pam_fprintd.so references in /etc/pam.d/system-auth and /etc/pam.d/system-auth-ac but not in /etc/pam.d/fingerprint-auth or /etc/pam.d/fingerprint-auth-ac.
Let's see if this stops the errors appearing.
Just for anyone reading this bug after searching teh internetz for the /lib64/security/pam_fprintd.so error, running
authconfig --disablefingerprint --update
does indeed fix the problem (for text installations at least)
*** Bug 518056 has been marked as a duplicate of this bug. ***
I didn´t the authconfig.
I just did yum -y install fprintd-pam and that solve the error messages, this really fiz the message erro.
(In reply to comment #11)
> I didn´t the authconfig.
> I just did yum -y install fprintd-pam and that solve the error messages, this
> really fiz the message erro.
(I have Fedora-13-LXDE installed).
I did the same but it caused my login session to freeze up. I could log out but I couldn't restart or shutdown. I did have mouse support though.
* gnome-keyring-daemon was looking specifically for org.gnome.sessionmanager which I don't have because I'm using lxsession.
* xscreensaver couldn't find my password. I think it was looking for a fingerprint - just a guess.
Anyway I removed it.
Just got this too.
[root@nohats ~]# grep pam_fprintd /etc/pam.d/*
/etc/pam.d/fingerprint-auth:auth sufficient pam_fprintd.so
/etc/pam.d/fingerprint-auth-ac:auth sufficient pam_fprintd.so
/etc/pam.d/system-auth:auth sufficient pam_fprintd.so
/etc/pam.d/system-auth-ac:auth sufficient pam_fprintd.so
[root@nohats ~]# rpm -qV pam
....L.... c /etc/pam.d/fingerprint-auth
....L.... c /etc/pam.d/password-auth
....L.... c /etc/pam.d/smartcard-auth
....L.... c /etc/pam.d/system-auth
yum reinstall pam did not work. And no .rpmnew file was there. But the following worked:
mv /etc/pam.d/system-auth /tmp
yum reinstall pam
[root@nohats ~]# grep fprintd /etc/pam.d/system-auth
So perhaps something in the upgrade path causing this