From owner-freebsd-current@FreeBSD.ORG Fri Dec 23 01:57:14 2011 Return-Path: Delivered-To: freebsd-current@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1DF51106566B for ; Fri, 23 Dec 2011 01:57:14 +0000 (UTC) (envelope-from ohartman@zedat.fu-berlin.de) Received: from outpost1.zedat.fu-berlin.de (outpost1.zedat.fu-berlin.de [130.133.4.66]) by mx1.freebsd.org (Postfix) with ESMTP id C4A148FC12 for ; Fri, 23 Dec 2011 01:57:13 +0000 (UTC) Received: from inpost2.zedat.fu-berlin.de ([130.133.4.69]) by outpost1.zedat.fu-berlin.de (Exim 4.69) with esmtp (envelope-from ) id <1RduNk-0006Vv-UG>; Fri, 23 Dec 2011 02:57:13 +0100 Received: from e178027232.adsl.alicedsl.de ([85.178.27.232] helo=thor.walstatt.dyndns.org) by inpost2.zedat.fu-berlin.de (Exim 4.69) with esmtpsa (envelope-from ) id <1RduNk-0000rl-P3>; Fri, 23 Dec 2011 02:57:12 +0100 Message-ID: <4EF3DFF8.4000801@zedat.fu-berlin.de> Date: Fri, 23 Dec 2011 02:57:12 +0100 From: "O. Hartmann" User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:9.0) Gecko/20111222 Thunderbird/9.0 MIME-Version: 1.0 To: Gleb Smirnoff References: <4EF25913.50107@zedat.fu-berlin.de> <20111222155913.GR80057@FreeBSD.org> In-Reply-To: <20111222155913.GR80057@FreeBSD.org> X-Enigmail-Version: undefined Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig5E032B90606743530A45FA56" X-Originating-IP: 85.178.27.232 Cc: freebsd-current@FreeBSD.org Subject: Re: xdm/login: in openpam_check_path_owner_perms(): /usr/local/lib/pam_ldap.so.5 not found X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Dec 2011 01:57:14 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig5E032B90606743530A45FA56 Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: quoted-printable On 12/22/11 16:59, Gleb Smirnoff wrote: > On Wed, Dec 21, 2011 at 11:09:23PM +0100, Hartmann, O. wrote: > H> OS: FreeBSD 10.0-CURRENT/amd64 r228787 > H>=20 > H> Since the last update of world yesterday were I managed to compile t= he > H> OS WITH_LIBCPLUSPLUS=3DYES in /etc/src.conf, > H> only root is capable to login on the console. > H>=20 > H> I use OpenLDAP 2.4 as the backend for usual users, having also an > H> "emergency" user installed in the local /etc/passwd just in case. > H>=20 > H> The problem is, I can not login via xdm or console login anymore as = any > H> usual user, even not as a user residing in the local passwd file. > H>=20 > H> Trying to login as LDAP backed user, I get the error > H> SASL/DIGEST-MD5 authentication started > H> Login icorrect > H>=20 > H> Inspecting /var/log/auth.log reveals for this incident > H>=20 > H> login: in openpam_check_path_owner_perms(): > H> /usr/local/lib/pam_ldap.so.5: No such file or directory > H>=20 > H> Trying tologin as a local (/etc/passwd backed) user gets > H> sometimes the same login issue, but sporadically I get a login but > H> landing in / instead of /home/user. /home is a ZFS volume. > H>=20 > H> I reinstalled pam_ldap, nss_ldap, openldap-sasl-server/client many t= imes > H> now since I suspected a fault in compilation (everything is compiled= via > H> CLANG), but I have no success. > H>=20 > H> /usr/local/lib/pam_ldap.so.5 does not exist, it is simply pam_ldap.s= o. > H>=20 > H> It seems, that the OS can not find the homes on the ZFS volume. Doin= g a > H> su - USER works for all LDAP users but not the local users, I receiv= e > H> the error su: no directory. This is very strange. While su - as roo= t > H> does not work, login as such a failing user work, but as mentioned > H> without home. > H>=20 > H> The last thing I did on that box is: I recompiled yesterday evening > H> world, switched the box off. When I switched the box on today, I ran= > H> into this issue. > H>=20 > H> I recompile the system without flag WITH_LIBCPLUSPLUS and see what i= s > H> happening. Do others also see this strange behaviour? >=20 > This is definitely due to libpam update. In my case, I also got message= s: >=20 > openpam_check_path_owner_perms(): /usr/local/lib/pam_ldap.so.5: No such= file or directory >=20 > But this doesn't prevent me from logging in. The new PAM code first > tries to dlopen() a library configured in /etc/pam.d with ".5" appended= > to it, this is hardcoded. If failed, it dlopens the exact name from > configuration. So, the message is harmless itself - the pam_ldap.so > is opened successfully. >=20 > I suppose failure to login that you experience is related to another > fallout from the new PAM import. >=20 With the most recent patch and make world the problem has gone! luckily .= =2E. oliver --------------enig5E032B90606743530A45FA56 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (FreeBSD) iQEcBAEBAgAGBQJO89/4AAoJEOgBcD7A/5N8QGoH/A30QXoxGNYzGt0WTNexD3NL jxNWOtGSxBLlS+JBNDeosMCRL5kRuEjC9BmT9bEsrIwVwXorJLV1P/TzmJ9DJI12 ZOS8xDpdVUWVF8hPOp/tRUdpbR/xDsOyA0OuD8fUoafLAJe5Ec8eN5IfU380LfVJ sjuR6TRF32/mbSQPgTekt3B4f7lhgcd8DmLj9wdjM4HRM19huttxdN9EejbQjNIf MaYlqPmcSQTPjOXPMeie1XXsunBZbKzbnz3XfA/TKq32ygfWpxhsdhH+Tf+R3AK9 f1Wl5kCn3GN0D1TFvADxg7WAAcQQzcnkLvXD+x4IOkxyZkkyKr4XKHRfphyJ180= =niHy -----END PGP SIGNATURE----- --------------enig5E032B90606743530A45FA56--