Bug 846843 - pam_lastlog fails when no /var/log/lastlog file exists
pam_lastlog fails when no /var/log/lastlog file exists
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: pam (Show other bugs)
rawhide
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Tomas Mraz
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-08-08 17:08 EDT by Daniel Drake
Modified: 2012-08-09 12:34 EDT (History)
1 user (show)

See Also:
Fixed In Version: pam-1.1.5-9.fc18
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-08-09 12:34:03 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Daniel Drake 2012-08-08 17:08:46 EDT
Upon upgrading to pam-1.1.5-8.fc18, we can no longer login to the terminal or use "su" on OLPC builds.

The error is: Error in service module

systemd's journal gives a little more info:
pam_lastlog(login:session): unable to open /var/log/lastlog: No such file or directory

/var/log/lastlog doesn't exist. Creating it avoids the issue.

This seems to have popped up now because pam-1.1.5-8.fc18 moves to enabling pam_lastlog by default, with noupdate, and the logic I'm reading at https://lists.fedorahosted.org/pipermail/linux-pam-commits/2012-April/000111.html seems to agree with this behaviour: if open(/var/log/messages) == ENOENT and we're running with noupdate, error out.
Comment 1 Tomas Mraz 2012-08-08 17:23:42 EDT
I'll change the PAM configuration to make the pam_lastlog 'optional' so its failure will not cause the session open to fail.

Note You need to log in before you can comment on or make changes to this bug.