Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 110256 - Uninstalling nss_ldap locks out all new logins
Summary: Uninstalling nss_ldap locks out all new logins
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Library (show other bugs)
Hardware: x86 Linux
: High normal (vote)
Assignee: Gentoo Linux bug wranglers
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-10-23 12:06 UTC by Vijay Avarachen
Modified: 2005-10-23 14:10 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Vijay Avarachen 2005-10-23 12:06:38 UTC 
I installed nss_ldap libraries so that the system could authenticate against a
OpenLDAP server.  Installing nss_ldap modified the system_auth file in pam.d
folder (as it should).  Specifically it added following lines:

auth	   sufficient   pam_ldap.so use_first_pass
account    sufficient	pam_ldap.so
password   sufficient	pam_ldap.so use_authtok
session    required	pam_ldap.so

However when I uninstalled nss_ldap, it did not remove those lines from
system-auth file.  After reboot, when I attempted to log-in (as any system user,
including root) I got the following error:
"Module is unknown"

I had to boot from gentoo CD, and update the config files manually to get it all
back to normal.


Reproducible: Always
Steps to Reproduce:
1. Install nss_ldap
2. Uninstall nss_ldap
3. Attempt to login

Actual Results:  
No user (including root) was able to login.  All attempts to login ended in
error "Module is unkown"

Expected Results:  
On uninstall of nss_ldap, the system-auth file and any other file modified by
nss_ldap in /etc/pam.d should be updated.  The uninstall should remove all
references to pam_ldap.so

Gentoo Base System version 1.6.13
Portage 2.0.51.22-r2 (default-linux/x86/2005.1, gcc-3.3.5-20050130,
glibc-2.3.5-r2, 2.6.11-hardened-r15dana-0.1 i686)
=================================================================
System uname: 2.6.11-hardened-r15dana-0.1 i686 Intel(R) Xeon(TM) CPU 3.20GHz
dev-lang/python:     2.3.5
sys-apps/sandbox:    1.2.11
sys-devel/autoconf:  2.13, 2.59-r6
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6
sys-devel/binutils:  2.15.92.0.2-r10
sys-devel/libtool:   1.5.18-r1
virtual/os-headers:  2.6.11-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O3 -march=i686 -pipe -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config
/usr/share/config /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O3 -march=i686 -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig distlocks sandbox sfperms strict"
GENTOO_MIRRORS="http://distfiles.gentoo.org
http://distro.ibiblio.org/pub/Linux/distributions/gentoo"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="x86 alsa apm arts avi berkdb bitmap-fonts boundschecking chroot crypt cups
curl eds emboss encode expat foomaticdb fortran gdbm gif gpm gstreamer gtk gtk2
hardened imlib java jpeg ldap libg++ libwww mad mailwrapper mcal md5sum mikmod
motif mp3 mpeg ncurses nls offensive ogg oggvorbis opengl oss pam pcre pdflib
perl pic png python qt quicktime readline sdl sftplogging spell ssl symlink tcpd
tiff truetype truetype-fonts type1-fonts vorbis xml2 xmms xv zlib userland_GNU
kernel_linux elibc_glibc"
Unset:  ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS
Comment 1 Jakub Moc (RETIRED) gentoo-dev 2005-10-23 14:10:35 UTC 
Portage does not touch any files under CONFIG_PROTECT when uninstalling packages.