I was presented with the following diff after upgrading to pam-login-3.12: --- /etc/pam.d/login 2003-08-10 18:12:23.000000000 +0200 +++ /etc/pam.d/._cfg0000_login 2003-09-25 10:00:57.000000000 +0200 @@ -1,12 +1,12 @@ #%PAM-1.0 - -auth required /lib/security/pam_securetty.so -auth required /lib/security/pam_stack.so service=system-auth -auth required /lib/security/pam_nologin.so - -account required /lib/security/pam_stack.so service=system-auth - -password required /lib/security/pam_stack.so service=system-auth - -session required /lib/security/pam_stack.so service=system-auth -session optional /lib/security/pam_console.so +auth requisite pam_unix2.so nullok #set_secrpc +auth required pam_securetty.so +auth required pam_nologin.so +#auth required pam_homecheck.so +auth required pam_env.so +auth required pam_mail.so +account required pam_unix2.so +password required pam_pwcheck.so nullok +password required pam_unix2.so nullok use_first_pass use_authtok +session required pam_unix2.so none # debug or trace +session required pam_limits.so It looked so suspicious in various ways that I made backup of the original / etc/pam.d/login that was installed. Lucky me, as it turned out that the new / etc/pam.d/login completely broke my login. I couldn't login anymore. Please either tell me what I did wrong or revisite the config file changes. I for once went back to my backup config file and it now works again.
I had the same problem. My solution is to replace "pam_unix2.so" with "pam_unix.so", after that evyryting should work fine.
This is biting a lot of people.
I've masked 3.12 for now.
It should be noted for users with this problem that merely emerge -C pam-login does not delete the bad file if you have already upgraded and you must manually delete /etc/pam.d/login and then remerge an and older version (pam-3.11-r1) to get it working again.
my previous comment wasn't quite correct... /etc/pam.d/login belongs to the shadow package, NOT pam-login, so you have to remerge shadow it appears if you want a non-modified copy of that file back.
If you fix this by replacing "pam_unix2.so" with "pam_unix.so" it works, but it still complains about a missing "pam_passwd.so" in the log.
Sorry, mixed it up "pam_pwcheck.so", not "pam_passwd.so".
What can I do now to get my old working /etc/pam.d/login file back?
Oh, sorry, I should read the comments first. And take time for that.
Created attachment 19532 [details] Original /etc/pam.d/login This is the original /etc/pam.d/login (or a reasonable facsimile) for those who have encountered this problem.
*** Bug 31613 has been marked as a duplicate of this bug. ***
This is not an issue anymore, is it? Please close if it isn't.
This should be fixed since a long time now, please reopen if it's still an issue (but I can't see how this can be).