Red Hat Bugzilla – Bug 831001
netatalk pam configuration has invalid entry
Last modified: 2012-06-30 18:01:50 EDT
Created attachment 591033 [details]
Fix comment in netatalk.pam-system-auth
Description of problem:
The following errors appear in log/secure:
PAM (netatalk) illegal module type: user
PAM pam_parse: expecting return value; [...context]
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Configure netatalk to authenticate connections (eg '-uamlist uams_dhx2.so' in afpd.conf)
2. Attempt to connect to afpd server
3. Examine log/secure
PAM parse errors as displayed above.
No PAM errors
This appears to be a typo in the netatalk.pam-system-auth in the source package, where a comment was incorrectly wrapped to a newline. I've supplied a patch to fix the comment.
Thanks for the patch.
committed to git->http://lists.fedoraproject.org/pipermail/scm-commits/2012-June/802338.html->modified
netatalk-2.2.2-2.fc17 has been submitted as an update for Fedora 17.
2.2.2-2 appears to work as expected.
I did notice that upgrading the package didn't restart the daemon as I expected... perhaps the spec file needs a few extra lines (these are inspired from bind.spec, should I log a separate bug?):
if [ "$1" -eq 0 ] ; then
# Package removal, not upgrade
/bin/systemctl --no-reload disable netatalk.service > /dev/null 2>&1 || :
/bin/systemctl stop netatalk.service > /dev/null 2>&1 || :
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
if [ "$1" -ge 1 ] ; then
# Package upgrade, not uninstall
/bin/systemctl try-restart netatalk.service >/dev/null 2>&1 || :
There is only missing '# Package upgrade, not uninstall' part in spec. I will fix it in rawhide, but if you think that this should be also fixed in F17 please file a bug so I won't forget it in next update.
Probably not important for this update since pam is dynamic loading. Good to hear it'll be in F18 though :)
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing netatalk-2.2.2-2.fc17'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
Left feedback over a week ago, this can probably go stable.
netatalk-2.2.2-2.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.