View previous topic :: View next topic |
Author |
Message |
Krieger n00b
Joined: 17 Sep 2004 Posts: 52
|
Posted: Wed Nov 10, 2004 5:56 am Post subject: [SOLVED]What does this message mean? |
|
|
Hello. I have just finished the base of my first Linux install and I have a question. I have searched the forums for this but didn't find anything like it.
2.6.9 from stage 1
genkernel
athlon-xp
I just compiled the kernel and installed GRUB. All seems fine in that regard, but when I successfully log in to the system I get this message:
Code: | PAM-env[7477]:unknown PAM_ITEM:<XAUTHORITY>
login[7477]:PAM pam-putenv:delete non-existent entry; XAUTHORITY
login(pam_unix)[7477]:session opened for user root by (uid=0)
|
Can someone tell me what this means, and give me advice as to what I should do about it?
Any help is appreciated.
Last edited by Krieger on Tue Dec 28, 2004 1:28 pm; edited 3 times in total |
|
Back to top |
|
|
donjuan l33t
Joined: 11 May 2004 Posts: 760 Location: At Uni
|
Posted: Wed Nov 10, 2004 7:55 am Post subject: |
|
|
X is the desktop rendering system for Linux/Unix. XAUTHORITY probably relates to the way X authenticates users logging in via a GUI. So once you emerge xorg it will probably go away. _________________ Command-line ACCEPT_KEYWORDS is considered harmful, use the package.* files.
The Stage 1 on 3 Install |
|
Back to top |
|
|
Maedhros Bodhisattva
Joined: 14 Apr 2004 Posts: 5511 Location: Durham, UK
|
Posted: Wed Nov 10, 2004 9:11 am Post subject: |
|
|
Have you remembered to install a sys-logger, and add it to the default run-level? _________________ No-one's more important than the earthworm. |
|
Back to top |
|
|
sammy2ooo Apprentice
Joined: 26 May 2004 Posts: 225
|
Posted: Wed Nov 10, 2004 10:13 am Post subject: |
|
|
same problem here:
Nov 10 11:03:51 uranos sudo: sammy : TTY=pts/0 ; PWD=/home/sammy ; USER=root ; COMMAND=/bin/ping localhost
Nov 10 11:03:51 uranos sudo: PAM pam_putenv: delete non-existent entry; REMOTEHOST
Nov 10 11:03:51 uranos PAM-env[19855]: Unknown PAM_ITEM: <XAUTHORITY>
Nov 10 11:03:51 uranos sudo[19855]: PAM pam_putenv: delete non-existent entry; XAUTHORITY
i have updated pam and afterwards this entries showed up in my logs.
but this only happens when running a command with sudo. reinstalling sudo / pam didn't solve the problem.
Any hints on this? |
|
Back to top |
|
|
mirko_3 l33t
Joined: 02 Nov 2003 Posts: 605 Location: Birreria
|
Posted: Wed Nov 10, 2004 1:13 pm Post subject: |
|
|
Same here, after updating pam... _________________ Non fa male! Non fa male! |
|
Back to top |
|
|
Krieger n00b
Joined: 17 Sep 2004 Posts: 52
|
Posted: Wed Nov 10, 2004 2:36 pm Post subject: |
|
|
Thank you for the responses.
donjuan
Quote: | X is the desktop rendering system for Linux/Unix. XAUTHORITY probably relates to the way X authenticates users logging in via a GUI. So once you emerge xorg it will probably go away. |
As I just emereged/installed xorg-x11 I will see if that works (I have not yet rebooted into Gentoo after the install so I could check this post ).
Maedhros:
Quote: | Have you remembered to install a sys-logger, and add it to the default run-level? |
Yes, I emerged metalog and added it as default using
Code: | rc-update add metalog default |
|
|
Back to top |
|
|
Krieger n00b
Joined: 17 Sep 2004 Posts: 52
|
Posted: Wed Nov 10, 2004 2:50 pm Post subject: |
|
|
Solved.
I obviously emerged, but did not add metalog as the default as mentioned by Maedhros.
I added my logger to the default run-level and the messages are now gone.
Thanks to all who helped. |
|
Back to top |
|
|
Maedhros Bodhisattva
Joined: 14 Apr 2004 Posts: 5511 Location: Durham, UK
|
Posted: Wed Nov 10, 2004 2:57 pm Post subject: |
|
|
I think my comment might have been irrelevant - the messages are still there, they're just being put into the system log as opposed to being shown on the screen. Whatever's causing these messages (and it looks likely to be PAM) hasn't been fixed, merely hidden from you...
Edit: And I just checked - my system log is full of these messages too. _________________ No-one's more important than the earthworm. |
|
Back to top |
|
|
xsteadfastx Tux's lil' helper
Joined: 27 Sep 2004 Posts: 132 Location: germany/belgium
|
Posted: Wed Nov 10, 2004 3:59 pm Post subject: |
|
|
i have the same problem after pam update. but no X installed...so i dont think it has something to do with it. and i use metalog in default runlevel. any idea? |
|
Back to top |
|
|
Krieger n00b
Joined: 17 Sep 2004 Posts: 52
|
Posted: Wed Nov 10, 2004 4:22 pm Post subject: |
|
|
Maedhros:
Right, I thought that the messages would now be logged by metalog, so it's not as though the messages 'don't occur', it's just that they are no longer shown to the console.
I installed Xorg-X11 , did a reboot and the messages still occur. I cannot shed further light at this time. Perhaps it is a permissions issue with PAM as suggested by donjuan. |
|
Back to top |
|
|
hanj Veteran
Joined: 19 Aug 2003 Posts: 1490
|
Posted: Wed Nov 10, 2004 4:41 pm Post subject: |
|
|
Had the same problem after pam upgrade.
Comment the following in /etc/securitypam_env.conf
Code: | #DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY}
#XAUTHORITY DEFAULT= OVERRIDE=@{XAUTHORITY} |
Thanks to Volumen1 for the fix.
HTH
hanji |
|
Back to top |
|
|
xsteadfastx Tux's lil' helper
Joined: 27 Sep 2004 Posts: 132 Location: germany/belgium
|
Posted: Wed Nov 10, 2004 4:48 pm Post subject: |
|
|
hanj wrote: | Comment the following in /etc/securitypam_env.conf |
i dont even have this file |
|
Back to top |
|
|
hanj Veteran
Joined: 19 Aug 2003 Posts: 1490
|
Posted: Wed Nov 10, 2004 4:55 pm Post subject: |
|
|
my bad...
the file is /etc/security/pam_env.conf
hanji |
|
Back to top |
|
|
Krieger n00b
Joined: 17 Sep 2004 Posts: 52
|
Posted: Wed Nov 10, 2004 5:23 pm Post subject: |
|
|
hanji:
I'll do that when I get home, and I'm sure it will work. Thanks. |
|
Back to top |
|
|
tomk Bodhisattva
Joined: 23 Sep 2003 Posts: 7221 Location: Sat in front of my computer
|
|
Back to top |
|
|
xsteadfastx Tux's lil' helper
Joined: 27 Sep 2004 Posts: 132 Location: germany/belgium
|
Posted: Wed Nov 10, 2004 6:58 pm Post subject: |
|
|
hanj wrote: | the file is /etc/security/pam_env.conf |
ok that did it
thanks so much |
|
Back to top |
|
|
Erik Agtig n00b
Joined: 11 Nov 2004 Posts: 4
|
Posted: Thu Nov 11, 2004 8:52 am Post subject: |
|
|
Thanks, worked for me too! But what are the security implications of commenting these lines? Is this "the correct way", or just the quick and dirty fix to undo the PAM maintainers' attempts to make the default config more secure in the newest release? |
|
Back to top |
|
|
mirko_3 l33t
Joined: 02 Nov 2003 Posts: 605 Location: Birreria
|
Posted: Fri Nov 12, 2004 1:31 pm Post subject: |
|
|
No updates on this? _________________ Non fa male! Non fa male! |
|
Back to top |
|
|
Deranger Veteran
Joined: 26 Aug 2004 Posts: 1215
|
Posted: Fri Nov 12, 2004 3:16 pm Post subject: |
|
|
Commenting those lines from /etc/security/pam_env.conf fixed it, it seems that new pam is a bit b0rked. |
|
Back to top |
|
|
mirko_3 l33t
Joined: 02 Nov 2003 Posts: 605 Location: Birreria
|
Posted: Fri Nov 12, 2004 4:05 pm Post subject: |
|
|
I mean, is this just a hack or the Right Way(tm)? Any sides effects, on security maybe? _________________ Non fa male! Non fa male! |
|
Back to top |
|
|
Deranger Veteran
Joined: 26 Aug 2004 Posts: 1215
|
Posted: Fri Nov 12, 2004 6:06 pm Post subject: |
|
|
mirko_3 wrote: | I mean, is this just a hack or the Right Way(tm)? Any sides effects, on security maybe? |
I would say that's a ugly hack but I think it's safe to use it until new pam is released. |
|
Back to top |
|
|
xmit Apprentice
Joined: 02 Apr 2003 Posts: 158 Location: Hamburg, Germany
|
|
Back to top |
|
|
LinuxRocks Guru
Joined: 27 Nov 2003 Posts: 397 Location: New Mexico
|
Posted: Sun Nov 14, 2004 7:38 am Post subject: |
|
|
Personally, if no one know whether its a security risk or not, I would leave it untill either PAM is fixed, if it is in fact broken, or a known "secure" resolution is put into place. I would hate to see someones machine compromised just because of some harmless lines in a syslog.
Thoughts?
Joe |
|
Back to top |
|
|
Sm1 Apprentice
Joined: 02 Dec 2003 Posts: 251 Location: Ames, IA
|
Posted: Sun Nov 14, 2004 10:09 am Post subject: |
|
|
I wouldnt say that ther were completely harmless lines in configuration files, I previously couldnt X forward to or from ANY machine, and after this fix X forwarding decided it would work. There are some other implications to this problem |
|
Back to top |
|
|
Gentree Watchman
Joined: 01 Jul 2003 Posts: 5350 Location: France, Old Europe
|
Posted: Mon Nov 15, 2004 1:10 am Post subject: |
|
|
The post refered to harmless lines in a sys-log.
While the lines in a sys-log are harmless, the error they are reporting may not be so "harmless".
Until I know what this shit is about or somebody fixes it I am masking pam-0.77-r1 and "downgrading" to one that works.
I am having SERIOUS shit with this system since I updated a week back.
Hopefully eleminating some such buggy update will straighten it out when I get the rightone.
I can't even startx at the moment so this one goes down the pan, pam. _________________ Linux, because I'd rather own a free OS than steal one that's not worth paying for.
Gentoo because I'm a masochist
AthlonXP-M on A7N8X. Portage ~x86 |
|
Back to top |
|
|
|