Summary: | /etc/pam.d/xdm points to pam_console.so which is missing | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Martin Mokrejš <mmokrejs> |
Component: | Current packages | Assignee: | Gentoo X packagers <x11> |
Status: | RESOLVED WONTFIX | ||
Severity: | normal | CC: | greg_g, pam-bugs+disabled |
Priority: | High | Keywords: | Inclusion |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 31877, 100688 |
Description
Martin Mokrejš
2005-07-04 05:06:05 UTC
Not a vulnerability, reassigning to PAM team. May be related to bug 31877 though... Reassigning to X11 team, it's not a problem with pam. X11: I'll fix pamd_mimic_system to create pam-0.77 compatible pamd files, you probably want to use that to create /etc/pam.d/xdm. We do not want to use pam_console with 2.6 kernels and udev any longer, so please just comment those lines until the X team removes them. Since X clearly does have to retain compat with 2.4, what would you like us to do here? Who's using 2.4 should be able to put pam_console there, in case just add a commented line which can be just uncommented to enable. Still, it shouldn't be an issue neither on 2.4 as devfs can easily take care of those settings anyway. *** Bug 98458 has been marked as a duplicate of this bug. *** Just for clarity, using pam_console or not is not related to using devfs or udev. One can have pam_console enabled or disabled and everything will work with both udev and devfs. In fact, we want to disable pam_console by default for everyone, when using udev it is just more evident that pam_console is not much useful. So you can safely remove the references to pam_console in newer versions of xdm.pamd. This has been fixed for the modular xdm package btw. Is anything in portage still doing this? Think xdm and one apache modulare are the last ones. xdm in which xorg version? 6.8.99.15-r? here still use it. Is it really important to you that these Xorg versions are fixed? They're just going to be dropped sooner or later anyway... Both stable and unstable users get a sys-libs/pam without pam_console. Having pam_console in required makes it impossible to use xdm by default. 6.8.2: files/xdm.pamd:session optional pam_console.so files/xserver.pamd:#auth required pam_console.so The same is true for 6.8.99.15. What are you looking at that's different? Sorry just grepped for pam_console, it's usually as required as it doesn't work anyway otherwise. So there's no point in leaving pam_console line there anyway. These lines don't exist in modular at all...I don't think rolling out new filesets for Xorg to get rid of commented lines is necessary at this point. Donnie? (In reply to comment #17) > These lines don't exist in modular at all...I don't think rolling out new > filesets for Xorg to get rid of commented lines is necessary at this point. Donnie? Might as well do it next time changes are made to the respective versions, but I wouldn't rush. Alright, I marked with an Inclusion keyword so we'll look at it. just a clarification to any gentoo user which is getting this error (/lib64 here 'cause i am using amd64 but that is arch dependant): Oct 31 01:28:11 laptop : PAM [dlerror: /lib64/security/pam_console.so: cannot open shared object file: No such file or directory] it is not really a problem as it is being triggered by the following optional configuration (/etc/pam.d/xdm) session optional pam_console.so and which is failing because pam_console.so doesn't get compiled by default in the pam ebuild (unless USE="pam_console" is added) and because pam_console's use is meant to be deprecated in favor of udev/devfs managing of console permissions where possible. in order to get rid of the annoying message just comment the above line, no functionality will be lost because of that. 6.8.2 won't be receiving any more non-security changes, and this bug is fixed in 7.0. |