After installing sys-libs/pam-1.4.0_p20200829, each time when I run `su`, I get a syslog warning "pam_faillock(su:auth): Unknown option: conf". At the same time, `su` works correctly. I found that the warning goes from a new pam module faillock. Found that the warning is coded in the last 'else' block in void 'set_conf_opt' in modules/pam_faillock/pam_faillock.c. Wrote a testing patch showing which arguments are being passed to set_conf_opt (attachment faillock_test_prints.patch). This patch showed buf as 'conf' and val as '/etc/security/faillock.conf' from args_parse. So, I wrote a patch getting rid of the warning (attachment remove_faillock_warning.patch). But I don't know: - how correct is it with regard to what faillock is intended to do; - should I report it upstream or is it something Gentoo-specific.
Created attachment 664849 [details, diff] faillock_test_prints.patch
Created attachment 664852 [details, diff] remove_faillock_warning.patch
Created attachment 664855 [details] emerge --info
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/proj/pambase.git/commit/?id=e0835e729bcf04f501d4610cf3925ec41b37c5f5 commit e0835e729bcf04f501d4610cf3925ec41b37c5f5 Author: Sam James <sam@gentoo.org> AuthorDate: 2020-10-12 17:30:18 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-10-12 17:30:18 +0000 templates/system-auth.tpl: drop superfluous conf param on faillock pam_faillock defaults to /etc/security/faillock.conf anyway. Closes: https://bugs.gentoo.org/747967 Signed-off-by: Sam James <sam@gentoo.org> templates/system-auth.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
