From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020607 Description of problem: When PAM is used with pam_ldap (nss_ldap), PAM can't seem to load the pam_ldap.so module. It dies when pam_ldap.so tries to load libssl. If we turn on debugging ('debug' option of pam_ldap in /etc/pam.d/system- auth), we get this message to the logs: Aug 21 13:15:56 spearmint sshd[27410]: PAM unable to dlopen(/lib/security/pam_ldap.so) Aug 21 13:15:56 spearmint sshd[27410]: PAM [dlerror: /lib/libssl.so.2: undefined symbol: OpenSSLDie] Aug 21 13:15:56 spearmint sshd[27410]: PAM adding faulty module: /lib/security/pam_ldap.so Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. edit /etc/pam.d/system-auth to use /lib/security/pam_ldap.so debug for auth: auth sufficient /lib/security/pam_unix.so likeauth nullok auth sufficient /lib/security/pam_ldap.so debug 2. make sure your /etc/ldap.conf file is set up to let you talk to an actual LDAP server 3. try to log in Actual Results: I can't log in Expected Results: I should be able to log in Additional info: This is kind of important, as I'm now locked out of several machines and have been forced to turn off LDAP authentication
Run /sbin/ldconfig and restart sshd (and perhaps some other similar services) and the unresolved symbol error will go away.
The above fix worked for me too.. It seems to happen if you upgrade to the latest OpenSSL that comes in the errata (In my case Redhat 7.1 Alpha). And you have an sshd running.
This doesn't apply to current distributions.