From owner-freebsd-questions@FreeBSD.ORG Tue Mar 18 08:36:03 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 29118D08 for ; Tue, 18 Mar 2014 08:36:03 +0000 (UTC) Received: from ipmail06.adl2.internode.on.net (ipmail06.adl2.internode.on.net [IPv6:2001:44b8:8060:ff02:300:1:2:6]) by mx1.freebsd.org (Postfix) with ESMTP id B78A5BDC for ; Tue, 18 Mar 2014 08:36:02 +0000 (UTC) Received: from ppp118-210-75-104.lns20.adl2.internode.on.net (HELO leader.local) ([118.210.75.104]) by ipmail06.adl2.internode.on.net with ESMTP; 18 Mar 2014 19:06:00 +1030 Message-ID: <5328056F.6050405@ShaneWare.Biz> Date: Tue, 18 Mar 2014 19:05:59 +1030 From: Shane Ambler User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0 MIME-Version: 1.0 To: Olivier Nicole , "freebsd-questions@freebsd.org" Subject: Re: Cannot authenticate after upgrade 9.1 to 9.2 References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2014 08:36:03 -0000 On 17/03/2014 21:43, Olivier Nicole wrote: > Hi, > > I just completed an upgrade from 9.1 to 9.2, using the traditional > way (fetch sources, make buildworld, make kernel, mergmaster -p, > make installworld, mergemaster, make delete-old) > > After I rebooted, I could not authenticate anymore: I get the error: > > login: in try_dlopen(): /usr/lib/pam_skey.so: Shared object > "libskey.so.2" not found login: in openpam_load_module(): no > pam_skey.so found That would indicate that pam_skey.so wants to open libskey.so which doesn't exist. I don't see either of those files on 8.4,9.2,10.0 or current. The only reference to pam_skey I see in the svn logs was 13 years ago when updating to openssh 2.3.0. make delete-old will remove these old libs, maybe you hadn't done that in a while, or it just missed one. I would say you can safely remove /usr/lib/pam_skey.so You may want to make sure that it isn't listed in any pam config files /etc/pam.d/* /etc/pam.conf /usr/local/etc/pam.d/* /usr/local/etc/pam.conf Given that you can't authenticate you would need to do this in single user mode. > The account on that server do not use PAM, they are plain old > /etc/passwd account, that have been working that way for ages (the > machine has been updated since version 4 or 5 I guess). Actually PAM provides a common authentication framework that is used in many places. Standard unix authentication works through pam_unix.so