Red Hat Bugzilla – Bug 846843
pam_lastlog fails when no /var/log/lastlog file exists
Last modified: 2012-08-09 12:34:03 EDT
Upon upgrading to pam-1.1.5-8.fc18, we can no longer login to the terminal or use "su" on OLPC builds.
The error is: Error in service module
systemd's journal gives a little more info:
pam_lastlog(login:session): unable to open /var/log/lastlog: No such file or directory
/var/log/lastlog doesn't exist. Creating it avoids the issue.
This seems to have popped up now because pam-1.1.5-8.fc18 moves to enabling pam_lastlog by default, with noupdate, and the logic I'm reading at https://lists.fedorahosted.org/pipermail/linux-pam-commits/2012-April/000111.html seems to agree with this behaviour: if open(/var/log/messages) == ENOENT and we're running with noupdate, error out.
I'll change the PAM configuration to make the pam_lastlog 'optional' so its failure will not cause the session open to fail.