Apr 20 20:26:42 router17 xinetd[18025]: START: vmware-authd pid=28388 from=192.168.2.103 Apr 20 20:26:42 router17 vmware-authd[28388]: PAM unable to dlopen(/lib/security/pam_deny.so) Apr 20 20:26:42 router17 vmware-authd[28388]: PAM [error: /lib/security/pam_deny.so: wrong ELF class: ELFCLASS64] Apr 20 20:26:42 router17 vmware-authd[28388]: PAM adding faulty module: /lib/security/pam_deny.so Apr 20 20:26:42 router17 vmware-authd[28388]: pam_listfile(vmware-authd:account): Refused user root for service vmware-authd Apr 20 20:26:42 router17 xinetd[18025]: EXIT: vmware-authd status=1 pid=28388 duration=0(sec) Apr 20 20:30:01 router17 cron[28463]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons ) Reproducible: Always Steps to Reproduce: 1. emerge app-emulation/vmware-server 2. configure /etc/xinetd.d/vmware-authd appropriate 3. try to connect with vmware-server-console amd64 ~ # emerge --info Portage 2.1.5_rc4 (default-linux/amd64/2006.1/desktop, gcc-4.1.1, glibc-2.7-r2, 2.6.22-gentoo-r8 x86_64) ================================================================= System uname: 2.6.22-gentoo-r8 x86_64 AMD Sempron(tm) Processor 3300+ Timestamp of tree: Sat, 19 Apr 2008 01:45:01 +0000 distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled] ccache version 2.4 [enabled] app-shells/bash: 3.2_p33 dev-java/java-config: 1.3.7, 2.1.5 dev-lang/python: 2.3.6-r2, 2.4.4-r4, 2.5.2-r1 dev-python/pycrypto: 2.0.1-r6 dev-util/ccache: 2.4-r7 sys-apps/baselayout: 1.12.12 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.13, 2.62 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1 sys-devel/binutils: 2.18-r1 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.24 ACCEPT_KEYWORDS="amd64 ~amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=k8 -pipe -O2" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /opt/vmware/workstation/lib/modules/binary /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/lib/fax /usr/share/config /var/spool/fax/etc" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d" CXXFLAGS="-march=k8 -pipe -O2" DISTDIR="/usr/portage/distfiles" FEATURES="ccache distcc distlocks metadata-transfer parallel-fetch sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://pandemonium.tiscali.de/pub/gentoo/ ftp://ftp.gentoo.mesh-solutions.com/gentoo/ http://mirrors.64hosting.com/pub/mirrors/gentoo/" LANG="de_DE@euro" LC_ALL="de_DE@euro" LDFLAGS="" LINGUAS="de" MAKEOPTS="-j4" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/portage/local/layman/gentoo-de /usr/local/overlays/gentoo-de /usr/local/portage /usr/local/overlays/my-gentoo /usr/local/overlays/pkalin" SYNC="rsync://192.168.2.100/gentoo-portage" USE="X acpi alsa amd amd64 apache2 arts berkdb bluetooth bzip2 cairo ccache cdr cli cracklib crypt cups dbus divx dri dvb dvd dvdr dvdread eds emboss encode esd fam fat firefox foomaticdb fortran gdbm gif gimp gkrellm gnuplot gpm gstreamer gtk gtk2 h323 hal iconv icq imagemagick imap iproute2 ipv6 isdnlog jabber java javascript jpeg kde latex lirc mad math mbox midi mikmod mp3 mp4live mpeg mpeg2 mpeg4 mplayer mplayer-bin msn mudflap mysql ncurses nls nptl nptlonly nsplugin nvidia obex octave ogg oggvorbis opengl openmp openssh openssl oss pam pcre pdf perl php plotutils png ppds pppd python qt3 qt4 quicktime rar rdesktop readline reflection reiserfs samba sdl session sftp spell spl ssl tcpd tiff truetype unicode usb vcd vdr visualization vorbis wma wma123 xcomposite xinerama xinetd xml xml2 xorg xv xvid xvmc zlib" ALSA_CARDS="via82xx" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="mouse keyboard" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="de" LIRC_DEVICES="devinput" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i810 mach64 mga neomagic nv r128 radeon rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware voodoo" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS router17 ~ # cat /etc/xinetd.d/vmware-authd # default: on # description: The VMware remote access authentification daemon service vmware-authd { disable = no port = 902 socket_type = stream protocol = tcp wait = no user = root server = /opt/vmware/server/sbin/vmware-authd only_from = 192.168.2.103 type = unlisted }
Hi, sorry for the long delay. Could you please post the contents of /etc/pam.d/vmware-authd? This should include the 32-bit pam emulation libraries (/lib32/security/), if yours does not, please re-emerge vmware-server and check again. If it still doesn't (or it then does but you encounter the same problem) then we'll have to investigate further. Thanks... 5:)
router17 ~ # cat /etc/pam.d/vmware-authd #%PAM-1.0 auth required /lib32/security/pam_unix.so shadow nullok account required /lib32/security/pam_listfile.so item=group sense=allow file=/etc/vmware/vmwaregroup onerr=fail account required /lib32/security/pam_unix.so in the syslog error message: Apr 27 07:41:47 router17 xinetd[16149]: START: vmware-authd pid=16471 from=192.168.2.103 Apr 27 07:41:47 router17 vmware-authd[16471]: PAM unable to dlopen(/lib/security/pam_deny.so) Apr 27 07:41:47 router17 vmware-authd[16471]: PAM [error: /lib/security/pam_deny.so: wrong ELF class: ELFCLASS64] Apr 27 07:41:47 router17 vmware-authd[16471]: PAM adding faulty module: /lib/security/pam_deny.so Apr 27 07:41:47 router17 vmware-authd[16471]: pam_listfile(vmware-authd:account): Refused user root for service vmware-authd Apr 27 07:41:47 router17 xinetd[16149]: EXIT: vmware-authd status=1 pid=16471 duration=0(sec) do i have to put root into vmware group?
Yes, even root need to be in the vmware group if they want to log into the console, so please see if that helps. Your pam file points directly to the 32-bit versions of pam, yet vmware-server for some reason is still being handed the 64-bit libraries (although, only the denial library, suggesting it only occurs for failed logons) and being asked to deal with them. I haven't a clue why that's happening, nor really how to fix, but if a member of the vmware group can log in successfully then it's not really a big deal.
root in vmware group solves the login problem