sys-libs/pam-0.99.6.3-r1 & app-admin/sudo-1.6.8_p12-r1 & net-misc/openssh-4.5_p1: Apps don't work after upgrading PAM I upgraded pam and re-compiled sudo and openssh: [ebuild R ] sys-libs/pam-0.99.6.3-r1 USE="nls (-selinux) -vim-syntax" 0 kB [ebuild R ] app-admin/sudo-1.6.8_p12-r1 USE="-ldap offensive pam (-selinux) -skey" 0 kB [ebuild R ] net-misc/openssh-4.5_p1 USE="-X -X509 -chroot hpn -kerberos -ldap libedit pam (-selinux) -skey -smartcard -static tcpd" 0 kB When I now try to run a command with "sudo" as root, it always fails: [13:21:22 vz6tml@dewup-ww02:~] $ sudo ls Password: I feel much better now. Password: sudo: 1 incorrect password attempt In syslog: Nov 14 13:01:50 dewup-ww02 sudo: pam_unix(sudo:auth): authentication failure; logname=vz6tml uid=0 euid=0 tty=pts/40 ruser= rhost= user=vz6tml I did NOT mistype the password ;) The account (vz6tml) is delivered through NIS: [13:30:53 vz6tml@dewup-ww02:~] $ ypcat passwd | grep ^vz6tml vz6tml:6NdxgVDU8AvDc,7./S:1100:3000:Alexander Skwar:/u/vz6tml:/usr/local/bin/bash I'm also unable to login with SSH. When I try to do so, I find the following in syslog: Nov 14 13:00:30 dewup-ww02 sshd[25175]: error: PAM: Authentication failure for vz6tml from localhost With pam-0.78-r5, everything is working fine. dewup-ww02 ~ # grep bash /etc/shells /bin/bash /usr/local/bin/bash [13:35:25 vz6tml@dewup-ww02:~] $ emerge --info ^[ Portage 2.1.2_rc1-r6 (default-linux/x86/2006.1, gcc-3.4.6, glibc-2.5-r0, 2.6.17-gentoo-r7.05 i686) ================================================================= System uname: 2.6.17-gentoo-r7.05 i686 Intel(R) Xeon(TM) CPU 2.40GHz Gentoo Base System version 1.12.6 Last Sync: Tue, 14 Nov 2006 01:50:01 +0000 distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] ccache version 2.4 [enabled] dev-java/java-config: 1.3.7, 2.0.30 dev-lang/python: 2.3.6, 2.4.4 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: 2.4-r6 sys-apps/sandbox: 1.2.18.1 sys-devel/autoconf: 2.13, 2.60 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.17 sys-devel/gcc-config: 1.3.14 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.17-r1 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=pentium4 -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /home /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/lib/mozilla/defaults/pref /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-O2 -march=pentium4 -pipe" DISTDIR="/Gentoo/portage/distfiles" EMERGE_DEFAULT_OPTS="--alphabetical" FEATURES="autoconfig buildpkg ccache collision-protect distlocks metadata-transfer sandbox sfperms strict" GENTOO_MIRRORS=" http://localhost/~vz6tml/gentoo-files http://dewup-ww02.dewup.europe.delphiauto.net/~vz6tml/gentoo-files http://localhost/gentoo-files/ http://dewup-ww02.dewup.europe.delphiauto.net/gentoo-files/ http://localhost/~vz6tml/gentoo-files/ http://cifs-srvr1.europe.delphiauto.net/~vz6tml/Misc._Software/Gentoo/ http://alexander.skwar.name/~askwar/stuff/gentoo/ http://localhost:60081/pub/Mirrors/gentoo/ http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ http://localhost:60080/pub/gentoo/ http://pandemonium.tiscali.de/pub/gentoo/ http://localhost:60082/mirror/rsync.gentoo.org/gentoo/ http://ftp.belnet.be/mirror/rsync.gentoo.org/gentoo/ ftp://pandemonium.tiscali.de/pub/gentoo/ http://localhost:60083/pub/linux/distributions/gentoo/ http://distro.ibiblio.org/pub/linux/distributions/gentoo/ http://distro.ibiblio.org/pub/linux/distributions/gentoo/ ftp://distro.ibiblio.org/pub/linux/distributions/gentoo/ http://localhost:60084/ http://distfiles.gentoo.org/ " LANG="de_DE.utf8" LINGUAS="de" MAKEOPTS="-j3" PKGDIR="/Gentoo/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/Gentoo/portage/tmp" PORTDIR="/Gentoo/portage/tree" PORTDIR_OVERLAY="/Gentoo/portage/local-tree/misc /Gentoo/portage/local-tree/overlays/nx/testing" SYNC="rsync://localhost:10873/gentoo-portage" USE="x86 7zip GAPING_SECURITY_HOLE X acl apache apache2 artworkextra async bash-completion berkdb bitmap-fonts ccache ck-server cli cracklib crypt css cups dbus dlloader dri dvd elibc_glibc encode exif fam fat firefox font-server gd gdbm gmail gmailtimestamps gnome gpm gs gtk2 hal hfs hpn i8x0 iconv id3 imagemagick imlib imlib2 input_devices_evdev input_devices_keyboard input_devices_mouse input_devices_void isdnlog java javascript jfs jikes kde kdeenablefinal kernel_linux lame libg++ linguas_de linuxthreads-tls lm_sensors lynxkeymap lzo lzw lzw-tiff mailbox maildir matroska mmx mozsvg mp3 mpm-worker msdav mysql mysqli ncurses network nfs nis nls no-old-linux no-suexec nodrm nomusic nptl nptlonly ntlm offensive ogg oggvorbis pam pcre perl php posix postfix ppds pppd python rar rdesktop readline real recode reflection reiserfs samba sapdb screen sendfile session sftp smp sockets spl sse sse2 ssl stream subtitles symlink sysvipc tcpd tiff transcode truetype truetype-fonts udev unicode usb userland_GNU userlocales utf8 vhosts video_cards_ati video_cards_vesa video_cards_vga vim vim-pager vim-with-x vorbis webdav win32codecs xattr xfs xinetd xorg xv xvid yp zlib" Unset: CTARGET, INSTALL_MASK, LC_ALL, LDFLAGS, PORTAGE_RSYNC_EXTRA_OPTS
I'm seeing this on a different system as well now. So it's not isolated to one system. Is the "problem", that my accounts are served from NIS?
It looks like sys-libs/pam-0.99.6.3-r1 have no pam_stack.so modules? Disaster?
pam-0.99.6.3-r2 have same issue. /etc/pam.d/* files are still using pam_stack.so instead of include system-auth Are we supposed to change it manually? Is someone going to answer this bug?
http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml
