Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Updated Pam - Now I can't login as root from the console
View unanswered posts
View posts from last 24 hours

Goto page 1, 2  Next  
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
danielrm26
Tux's lil' helper
Tux's lil' helper


Joined: 18 Apr 2002
Posts: 92

PostPosted: Thu Sep 25, 2003 8:47 am    Post subject: Updated Pam - Now I can't login as root from the console Reply with quote

This is fun.

I just did an update of gcc, ssh, and pam. I then did an etc-update and remember seeing something about pam. I chose option 1 (replace) since I had never made any changes to that file manually.

Well, now I can't login as root. It says "login incorrect" regardless of what I type as a username.

Any ideas? My only option now seems to be to bring up a pam file from one of my other boxes and copy it over to the now broken one. Any ideas that are better than this?
_________________
dmiessler.com -- grep understanding knowledge
Back to top
View user's profile Send private message
danielrm26
Tux's lil' helper
Tux's lil' helper


Joined: 18 Apr 2002
Posts: 92

PostPosted: Thu Sep 25, 2003 9:52 am    Post subject: Solved Reply with quote

Ok, I sftp'd my /etc/pam.d/login file from another gentoo box and was able to login fine.

WARNING: Be careful when updating pam in portage and then using etc-update.

# strings for searching this forum
# hopefull this will be seen by others if they have the same issue

/etc/pam.d/login
login
can't login anymore
username incorrect
incorrect username
_________________
dmiessler.com -- grep understanding knowledge
Back to top
View user's profile Send private message
water
Guru
Guru


Joined: 19 Jun 2002
Posts: 387
Location: Zierikzee, The Netherlands

PostPosted: Thu Sep 25, 2003 10:46 am    Post subject: Reply with quote

Are you using unstable packages?
_________________
Groeten uit Holland
Back to top
View user's profile Send private message
thwint
n00b
n00b


Joined: 15 May 2003
Posts: 53
Location: Biel, Switzerland

PostPosted: Thu Sep 25, 2003 12:31 pm    Post subject: Reply with quote

Today I finished installing my Gentoo box and had the same problem.

What is wrong with the default configuration of pam-login 3.12?
_________________
Cheers,
Tom
Back to top
View user's profile Send private message
b0fh
Guru
Guru


Joined: 16 Jun 2003
Posts: 426

PostPosted: Thu Sep 25, 2003 12:45 pm    Post subject: Reply with quote

Same problem here. Could someone post a right /etc/pam.d/login?
Maybe I should switch back to stable packages... ~x86 was very buggy last weeks :(
Back to top
View user's profile Send private message
di1bert
l33t
l33t


Joined: 16 May 2002
Posts: 963
Location: Oslo, Norway

PostPosted: Thu Sep 25, 2003 12:50 pm    Post subject: Reply with quote

Same thing here...

Any chance someone could post a working pam.d/login file as my box is useless until I can fix this.

The package is fine, it just seems to be the updated conifg file that is borking the system.

I am using a ~x86 system...

-- di1bert
_________________
choff.
Back to top
View user's profile Send private message
water
Guru
Guru


Joined: 19 Jun 2002
Posts: 387
Location: Zierikzee, The Netherlands

PostPosted: Thu Sep 25, 2003 1:05 pm    Post subject: Reply with quote

Time to report a bug, i think
_________________
Groeten uit Holland
Back to top
View user's profile Send private message
di1bert
l33t
l33t


Joined: 16 May 2002
Posts: 963
Location: Oslo, Norway

PostPosted: Thu Sep 25, 2003 1:08 pm    Post subject: Reply with quote

Yes.

And for those of you (who like me) are too lazy to read bug reports...

*** Fix (temporary)
I had the same problem. My solution is to replace "pam_unix2.so" with "pam_unix.so",
after that evyryting should work fine.
***

I just did this and my system is back up and running. It seems there is NO pam_unix2.so file...probably the source of the problem...

Anyhoo...back to "life"

-- di1bert
_________________
choff.
Back to top
View user's profile Send private message
patrickfo
Tux's lil' helper
Tux's lil' helper


Joined: 30 Jun 2002
Posts: 79
Location: France

PostPosted: Thu Sep 25, 2003 1:21 pm    Post subject: same pb with pam-login Reply with quote

but i can login with ssh
in /etc/pam.d/login we have reference to non existant modules:
remove all "2"
pam_unix2.so => pam_unix.so for example
and all will be ok
Back to top
View user's profile Send private message
Lasker
Guru
Guru


Joined: 17 Jul 2002
Posts: 445

PostPosted: Thu Sep 25, 2003 2:29 pm    Post subject: Re: same pb with pam-login Reply with quote

patrickfo wrote:
but i can login with ssh
in /etc/pam.d/login we have reference to non existant modules:
remove all "2"
pam_unix2.so => pam_unix.so for example
and all will be ok


Yea, that works! :-)
But I wonder, why nobody mentioned the most obvious method
for people like me, who don't have a running ssh server but a boot CD:

Just boot from CD, mount your root partition like you did when you installed your system, i.e. 'mount -t reiserfs /dev/hda3 /mnt/gentoo'.
Then 'cd /mnt/gentoo/etc/pam.d' and edit with 'nano -w login'.

HTH
Back to top
View user's profile Send private message
SavageMindz
Tux's lil' helper
Tux's lil' helper


Joined: 28 Oct 2002
Posts: 87
Location: The bit of hell that has frozen over.

PostPosted: Thu Sep 25, 2003 3:52 pm    Post subject: Reply with quote

I just had the same problem. Thanks for the fix guys. I had a broken system there for all of 30 secs. Sometimes you guys really rock. :D
Back to top
View user's profile Send private message
()
l33t
l33t


Joined: 25 Nov 2002
Posts: 610

PostPosted: Thu Sep 25, 2003 5:58 pm    Post subject: Reply with quote

Maybe there should be some rules that certain critical packages are tested properly before entering the portage tree? I mean, chances are good you find a solution soon @ forums.gentoo.org, but not being able to log in #%!$
Back to top
View user's profile Send private message
wilk307
n00b
n00b


Joined: 25 Sep 2003
Posts: 0

PostPosted: Thu Sep 25, 2003 7:02 pm    Post subject: Reply with quote

same thing here

in my case (no cd unit / no ssh server) i passed the "single" argument in the grub menu;
after this you you should get a root prompt and be able to fix things

for those who don't know this trick: select a linux entry in grub then append the "single" word
after all the other stuff at the command line; press enter and wait for the root prompt :)
Back to top
View user's profile Send private message
pjp
Administrator
Administrator


Joined: 16 Apr 2002
Posts: 19035

PostPosted: Thu Sep 25, 2003 11:40 pm    Post subject: Reply with quote

Moved from Installing Gentoo.
_________________
Magna Carta (1215) | Spectral evidence no longer permissible (c. 1792) | Cancel culture, deplatforming (c. 2016)
Back to top
View user's profile Send private message
neenee
Veteran
Veteran


Joined: 20 Jul 2003
Posts: 1786

PostPosted: Thu Sep 25, 2003 11:46 pm    Post subject: Reply with quote

thanks all - that worked beautifully for me.

(used wilk307's method to get to a prompt,
then patrickfo's instructions and removed
the 2's)
Back to top
View user's profile Send private message
chutzpah
Developer
Developer


Joined: 24 Mar 2003
Posts: 13
Location: Montreal, QC, Canada

PostPosted: Fri Sep 26, 2003 1:45 am    Post subject: Login Reply with quote

Here's the working /etc/pam.d/login (luckily I didnt logout, and I have access to, oh 8 or 9 other gentoo boxen)

Anyway, here it is
Code:

#%PAM-1.0
                                                                               
auth       required     /lib/security/pam_securetty.so
auth       required     /lib/security/pam_stack.so service=system-auth
auth       required     /lib/security/pam_nologin.so
                                                                               
account    required     /lib/security/pam_stack.so service=system-auth
                                                                               
password   required     /lib/security/pam_stack.so service=system-auth
                                                                               
session    required     /lib/security/pam_stack.so service=system-auth
session    optional     /lib/security/pam_console.so


Hope this helps those without access to another box with gentoo.
Back to top
View user's profile Send private message
dufeu
l33t
l33t


Joined: 30 Aug 2002
Posts: 913
Location: US-FL-EST

PostPosted: Fri Sep 26, 2003 4:14 am    Post subject: Kudos to danielrm26 Reply with quote

Thanks man. You rock. ;-)

And more thanx to those who posted /etc/pam.d/login entries.

8)
_________________
People whom think M$ is mediocre, don't know the half of it.
Back to top
View user's profile Send private message
Azarah
Retired Dev
Retired Dev


Joined: 20 Jun 2002
Posts: 81

PostPosted: Fri Sep 26, 2003 4:32 am    Post subject: Reply with quote

Hi guys, slight screwup my side - did not notice that /etc/pam.d/login
there, sorry. Another way will be to delete it, and remerge sys-apps/shadow.
Back to top
View user's profile Send private message
Azarah
Retired Dev
Retired Dev


Joined: 20 Jun 2002
Posts: 81

PostPosted: Fri Sep 26, 2003 4:50 am    Post subject: Reply with quote

Thanks Rac - would have fixed this earlier, but DSL over here was down
again :(
Back to top
View user's profile Send private message
Raoul_Duke
l33t
l33t


Joined: 15 Dec 2002
Posts: 694
Location: Caerdydd, Wales

PostPosted: Fri Sep 26, 2003 6:49 am    Post subject: Reply with quote

Azarah wrote:
Thanks Rac - would have fixed this earlier, but DSL over here was down
again :(


Don't worry, took 5 seconds to find this thread......20 secs to fix the problem. It's the sort of thing that happens from time to time :wink:
_________________
www.iamthepenguin.com
Back to top
View user's profile Send private message
()
l33t
l33t


Joined: 25 Nov 2002
Posts: 610

PostPosted: Fri Sep 26, 2003 7:21 am    Post subject: Reply with quote

Azarah: Could there be a restriction that system critical packages are tested before making their way into the tree? This should've been fairly easy to discover.
Back to top
View user's profile Send private message
Auka
Tux's lil' helper
Tux's lil' helper


Joined: 01 Jul 2002
Posts: 110
Location: Germany

PostPosted: Fri Sep 26, 2003 8:31 am    Post subject: Reply with quote

Hi, i had the same problem here. But as logging in through xdm (kdm, whatever) still worked fine I was lucky... ;-)
Back to top
View user's profile Send private message
Lasker
Guru
Guru


Joined: 17 Jul 2002
Posts: 445

PostPosted: Fri Sep 26, 2003 11:33 am    Post subject: Reply with quote

wilk307 wrote:
same thing here

in my case (no cd unit / no ssh server) i passed the "single" argument in the grub menu;
after this you you should get a root prompt and be able to fix things

for those who don't know this trick: select a linux entry in grub then append the "single" word
after all the other stuff at the command line; press enter and wait for the root prompt :)


Interesting, I'll remember this for the next time.
But isn't "single" the same as runlevel 1?
If so, IIRC I had to put runlevel entries imediately behind the kernel entry and before all other options in that line...
Back to top
View user's profile Send private message
ce110ut
Apprentice
Apprentice


Joined: 27 Sep 2002
Posts: 199

PostPosted: Fri Sep 26, 2003 3:22 pm    Post subject: Reply with quote

for reason's unknown, the provided /etc/pam.d/login post did NOT work for me. I re-emerged shadow and that fixed it for me.

thanks to all - now I'm late for class :P
Back to top
View user's profile Send private message
Azarah
Retired Dev
Retired Dev


Joined: 20 Jun 2002
Posts: 81

PostPosted: Fri Sep 26, 2003 5:16 pm    Post subject: Reply with quote

() wrote:
Azarah: Could there be a restriction that system critical packages
are tested before making their way into the tree? This should've been fairly
easy to discover.


Well, sure, but sometimes there is not that much time for a 'less demaning'
package. For ages now pam-login have been fairly without issues, and
it _never_ before wanted to install /etc/pam.d/login :/

Also, yes, it might not be a good attitude, but I would have liked to think
that it being in "unstable profile", would make people look at it as an
possibly unstable package, and rather help fix issues that was missed due
to either not having that environment that causes the issues, or missing
due to overlooking something obvious. No offense intended :wink:
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum