Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 330233 - sys-auth/pambase[kerberos] can't login without networking
Summary: sys-auth/pambase[kerberos] can't login without networking
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High normal
Assignee: PAM Gentoo Team (OBSOLETE)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-07-28 15:22 UTC by Juergen Rose
Modified: 2010-10-31 16:27 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Juergen Rose 2010-07-28 15:22:44 UTC
After installing sys-auth/pambase-20100724 I can't more login into my laptop as user root or ordinary user rose at the console, if the network configuration is not OK.
For example, if I have the network configuration from my institute and return home, login is impossible. I still get the user prompt, but the password prompt does not appear. Anything I enter is shown, but ignored. After some time a timeout message is shown.
So I have to boot with a alternative boot medium (Boot-CD, Boot-USBstick), mount all my partitions and logical volumens under /mnt/gentoo, chroot to /mnt/gentoo, change the network configuration with quickswitch to the Homenet and reboot again from the harddisk. Now the login is possible I get a password prompt.

When I now change again to the institute, the analog problem happens.

I can't find any messages in /var/log/messages connected with the issue.

Reproducible: Always




root@lynx:/root(5)# emerge --info
Portage 2.1.8.3 (default/linux/amd64/10.0/desktop, gcc-4.4.4, glibc-2.11.2-r0, 2.6.34-gentoo-r2 x86_64)
=================================================================
System uname: Linux-2.6.34-gentoo-r2-x86_64-Intel-R-_Core-TM-2_Duo_CPU_T8300_@_2.40GHz-with-gentoo-2.0.1
Timestamp of tree: Tue, 27 Jul 2010 10:30:01 +0000
app-shells/bash:     4.1_p7
dev-java/java-config: 2.1.11
dev-lang/python:     2.6.5-r3, 3.1.2-r4
dev-util/cmake:      2.8.1-r2
sys-apps/baselayout: 2.0.1
sys-apps/openrc:     0.6.1-r1
sys-apps/sandbox:    2.2
sys-devel/autoconf:  2.13, 2.65-r1
sys-devel/automake:  1.7.9-r2, 1.8.5-r4, 1.9.6-r3, 1.10.3, 1.11.1
sys-devel/binutils:  2.20.1-r1
sys-devel/gcc:       4.4.4-r1
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.10
virtual/os-headers:  2.6.34
ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="* -@EULA PUEL dlj-1.1 skype-eula googleearth AdobeFlash-10.1 cadsoft"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=nocona -O2 -pipe -fomit-frame-pointer"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/X11/xkb /usr/share/config /var/lib/hsqldb"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/eselect/postgresql /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-march=nocona -O2 -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch"
FFLAGS="-march=nocona -O2 -pipe -fomit-frame-pointer"
GENTOO_MIRRORS="http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ rsync://ftp.fi.muni.cz/pub/linux/gentoo ftp://ftp.wh2.tu-dresden.de/pub/mirrors/gentoo ftp://vlaai.snt.ipv6.utwente.nl/pub/os/linux/gentoo/"
LANG="en_US.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="de fr"
MAKEOPTS="-j1"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/var/lib/layman/dotnet /var/lib/layman/lordvan /var/lib/layman/n4g /var/lib/layman/x11 /var/lib/layman/java-overlay /var/lib/layman/sunrise /var/lib/layman/arcon /var/lib/layman/science /var/lib/layman/pro-audio /usr/local/portage /var/lib/cpan"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="64bit R X Xaw3d a52 aac abiword acl acpi admin afs alsa amd64 ao apache2 applet archive arpack asf aspell assistant audacious audiofile automap automount bash-completion beagle berkdb blas blast bluetooth boo boost branding bzip2 cairo cardbus cdda cddb cdf cdio cdparanoia cdr cg cgi chm cli consolekit corba cracklib crypt css cuda cups curl cxx daap db dbase dbi dbm dbus designer devhelp device-mapper dga dia djvu doc dri ds2490 ds9097 ds9097u dts dv dvb dvd dvdr dvi dynamicplugin eds elf emacs emboss empathy encode epiphany evo examples exif expat extensions extra extras fam fame ffmpeg fftw firefox fits flac fltk foomaticdb fortran fpx fts3 fuse galago garmin gd gdal gdbm gedit geoip geolocation geos gif gimp ginac git glade glib glitz gml gmp gmtsuppl gnokii gnome gnome-keyring gnome-print gnuplot gnutls gphoto2 gpm grammar graphics graphtft graphviz grass gs gsl gsm gstreamer gtk guile hal harness hddtemp hdf hdf5 hdri hlapi http httpd hvm iconv icq icu id3 ide imagemagick imap innodb inotify ipod ipv6 irda ithreads jabber jadetex java java5 java6 jbig john jpeg jpeg2k kdrive kerberos kpathsea kqemu kvm ladspa lame lapack laptop latex latex3 lcms ldap lensfun libffi libgda libnotify libsamplerate lirc lua lzo mad mail maildir mailwrapper mapnik math matroska mikmod mkl mmx mmxext mng modules mono moonlight motif mozdevelop mozilla mp3 mp4 mpeg mpi mplayer mtp mudflap multilib musicbrainz mysql mysqli nautilus ncurses neXt netcdf netpbm network networking networkmanager nfs nls nntp nptl nptlonly nsplugin ntfs ntp numarray numeric nvidia obex objc ocaml octave odbc ogdi ogg ole openexr opengl openmp overview pae pam pango pcre pda pdf perl plotutils plugins png podcast policykit posix postgres postscript ppds pppd preview-latex proj projectx pstricks pulseaudio pymol python python-bindings qemu qhull qt3support qt4 quicktime readline reflection reiserfs rle romio rpc rrdcgi rrdtool samba sasl science sdl secure-delete semantic-desktop server session sip slang slp smbclient smp sms sndfile snmp soup sox speex spell spl sql sqlite sse sse2 ssl startup-notification stlport subtitles subversion suexec svg swig sysfs szip t1lib tcl tcpd tex tex4ht texmacs theora thinkpad threads thunderbird tidy tiff tk tntc tools truetype udev unicode usb userlocales utempter v4l2 video virtualbox vorbis wav webdav webdav-serf webkit wifi wmf wxwidgets x264 xattr xcb xemacs xext xine xml xmlreader xmlrpc xorg xpm xulrunner xv xvid xvmc zlib zvbi" ALSA_CARDS="intel8x0" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" CAMERAS="canon" DVB_CARDS="usb-wt220u" ELIBC="glibc" INPUT_DEVICES="keyboard mouse                evdev                synaptics               " KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="de fr" NETBEANS_MODULES="apisupport cnd dlight enterprise ergonomics groovy gsf harness ide identity j2ee java mobility nb php profiler ruby websvccommon xml" QEMU_SOFTMMU_TARGETS="i386 ppc ppc64 x86_64" QEMU_USER_TARGETS="arm i386 x86_64" RUBY_TARGETS="ruby18 jruby" USERLAND="GNU" VIDEO_CARDS="nv nvidia nouveau vesa" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

root@lyn
Comment 1 Diego Elio Pettenò (RETIRED) gentoo-dev 2010-07-28 15:29:01 UTC
This is due to USE=kerberos on pambase; if you don't need it, please disable that. On the other hand I'll look into why it would stop without simply falling back at the unix auth as it should.
Comment 2 Juergen Rose 2010-08-29 06:16:35 UTC
Setting "sys-auth/pambase -kerberos" solved the problem of my laptop. But then I got the same issue on two further computers, which I could solve in the same way.
Nevertheless it is rather nasty, perhaps there is a more general solution.
Comment 3 Diego Elio Pettenò (RETIRED) gentoo-dev 2010-10-31 16:27:14 UTC
If kerberos is not configured at all, it'll try connecting to the MIT servers and failing that it'll wait for timeout. For a long time.

So basically the idea is "if you enabled kerberos USE flag, I expect you to have a properly-configured Kerberos client, otherwise it's your pieces to pick up".