Bug 505266 - PAM unable to dlopen(/lib64/security/pam_fprintd.so)
PAM unable to dlopen(/lib64/security/pam_fprintd.so)
Product: Fedora
Classification: Fedora
Component: pam (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Tomas Mraz
Fedora Extras Quality Assurance
: 518056 (view as bug list)
Depends On:
  Show dependency treegraph
Reported: 2009-06-11 05:12 EDT by Cristian Ciupitu
Modified: 2013-07-18 13:44 EDT (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-06-11 05:38:51 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Cristian Ciupitu 2009-06-11 05:12:40 EDT
Description of problem:
/var/log/secure has lots of messages like this one:
"Jun 10 23:33:37 hermes su: PAM unable to dlopen(/lib64/security/pam_fprintd.so): /lib64/security/pam_fprintd.so: cannot open shared object file: No such file or directory
 Jun 10 23:33:37 hermes su: PAM adding faulty module: /lib64/security/pam_fprintd.so
 Jun 10 23:33:41 hermes su: pam_unix(su-l:session): session opened for user root by ciupicri(uid=500)"

Version-Release number of selected component (if applicable):
coreutils-7.2-1.fc11.x86_64.rpm (the package for su)

How reproducible:
Every time.

Steps to Reproduce:
1. $ exec su -
Actual results:
PAM errors in /var/log/secure

Expected results:
no PAM errors in /var/log/secure

Additional info:
I haven't changed any PAM configuration, or any other authentication/authorization setting. I'm using the default settings.
In spite of those errors su is running fine. I haven't noticed any problems yet.
Comment 1 Tomas Mraz 2009-06-11 05:38:51 EDT
This is certainly not a bug in PAM.

Either disable Fingerprint authentication in the system-config-authentication dialog or install fprintd-pam package.
Comment 2 Andreas Abati 2009-06-19 10:53:51 EDT
This seems to be a bug somewhere, but not necessarily related to the package.

/var/log/secure reports a problem of a faulty PAM module (/lib64/security/pam_fprintd.so). This is a link, which points to "pam_fprintd.so.0.0.0". 

The rpm package, however, does include the actual pam-module. Reinstalling the single package solves the problem.
Comment 3 Cristian Ciupitu 2009-06-19 11:33:55 EDT
(In reply to comment #2)
> /var/log/secure reports a problem of a faulty PAM module
> (/lib64/security/pam_fprintd.so). This is a link, which points to
> "pam_fprintd.so.0.0.0". 

$ ls /lib64/security/pam_fprintd*
ls: cannot access /lib64/security/pam_fprintd*: No such file or directory
Comment 4 Saikat Guha 2009-06-26 06:28:23 EDT
This is a bug in pam.

- I do not have a fingerprint reader.
- I do not have fprintd-pam package installed.

pam package contains config files that reference files provided by fprintd-pam. That is broken.

This is a minimal install without X libs or gtk; I cannot install system-config-authentication.
Comment 5 Tomas Mraz 2009-06-26 07:14:42 EDT
No, it is not. PAM contains only one file referencing the pam_fprintd - /etc/pam.d/fingerprint-auth, but this file is not used on system without gdm. Anaconda probably called authconfig (command line utility which does not need X or gtk) to configure pam_fprintd to system-auth.
Comment 6 Saikat Guha 2009-06-26 07:39:10 EDT
Hmmm. I did a minimal text install (i.e. linux text in installer boot prompt). Default text install (no GDM, no X) ended up with pam configured to use fprint. I assume that would be an anaconda bug then?
Comment 7 Tomas Mraz 2009-06-26 07:50:17 EDT
Comment 8 Gavin Edwards 2009-07-30 10:38:19 EDT
I have also seen this exact same problem in the same circumstances. Minimum text install for my home server and get the /lib64/security/pam_fprintd.so in /var/log/secure with no manual config changes.

I've just tried running authconfig --disablefingerprint --update and this has removed the pam_fprintd.so references in /etc/pam.d/system-auth and /etc/pam.d/system-auth-ac but not in /etc/pam.d/fingerprint-auth or /etc/pam.d/fingerprint-auth-ac.

Let's see if this stops the errors appearing.
Comment 9 Gavin Edwards 2009-07-30 10:48:11 EDT
Just for anyone reading this bug after searching teh internetz for the /lib64/security/pam_fprintd.so error, running

authconfig --disablefingerprint --update

does indeed fix the problem (for text installations at least)
Comment 10 Tomas Mraz 2009-08-18 12:18:38 EDT
*** Bug 518056 has been marked as a duplicate of this bug. ***
Comment 11 Adriano 2009-10-20 10:40:12 EDT
I didn´t the authconfig.

I just did  yum -y install fprintd-pam and that solve the error messages, this really fiz the message erro.
Comment 12 about2cure 2011-04-10 07:56:04 EDT
(In reply to comment #11)
> I didn´t the authconfig.
> I just did  yum -y install fprintd-pam and that solve the error messages, this
> really fiz the message erro.

(I have Fedora-13-LXDE installed).  

I did the same but it caused my login session to freeze up. I could log out but I couldn't restart or shutdown.  I did have mouse support though. 
* gnome-keyring-daemon was looking specifically for org.gnome.sessionmanager which I don't have because I'm using lxsession.
* xscreensaver couldn't find my password. I think it was looking for a fingerprint - just a guess.

Anyway I removed it.
Comment 13 Paul Wouters 2012-12-14 11:10:12 EST
Just got this too.

[root@nohats ~]# grep pam_fprintd /etc/pam.d/*
/etc/pam.d/fingerprint-auth:auth        sufficient    pam_fprintd.so
/etc/pam.d/fingerprint-auth-ac:auth        sufficient    pam_fprintd.so
/etc/pam.d/system-auth:auth        sufficient    pam_fprintd.so
/etc/pam.d/system-auth-ac:auth        sufficient    pam_fprintd.so

[root@nohats ~]# rpm -qV pam
....L....  c /etc/pam.d/fingerprint-auth
....L....  c /etc/pam.d/password-auth
....L....  c /etc/pam.d/smartcard-auth
....L....  c /etc/pam.d/system-auth

yum reinstall pam did not work. And no .rpmnew file was there. But the following worked:

mv /etc/pam.d/system-auth /tmp
yum reinstall pam

[root@nohats ~]# grep fprintd /etc/pam.d/system-auth
[root@nohats ~]# 

So perhaps something in the upgrade path causing this

Note You need to log in before you can comment on or make changes to this bug.