Date: Sat, 21 Sep 2002 15:33:47 -0400 (EDT) From: jason <jason@monsterjam.org> To: Bob Johnson <bob88@bobj.org> Cc: freebsd-questions@freebsd.org Subject: Re: pam is hosed! ;) Message-ID: <20020921153229.Y44226-100000@monsterjam.org> In-Reply-To: <200209211518.27542.bob88@bobj.org>
next in thread | previous in thread | raw e-mail | index | archive | help
actually removing the /etc/pam.d directory solved the problem.. it looks like cups installed some stuff there thinking Im on a linux box. Jason -- Christ: A man who was born at least 5,000 years ahead of his time. On Sat, 21 Sep 2002, Bob Johnson wrote: > On Saturday 21 September 2002 01:56 pm, jason appears to have written: > > running FreeBSD monsterjam.org 4.5-RC FreeBSD 4.5-RC #0: Sat Jan 26 > > 00:52:46 EST 2002 > > root@monsterjam.org:/space/obj/usr/src/sys/ROLAND i386 and > > everything has been running absolutely ducky for quite a while > > monsterjam# uptime > > 1:45PM up 237 days, 35 mins, 8 users, load averages: 0.16, 0.04, > > 0.02 > > > > all of a sudden pam stops authenticating for my imap/pop3 users and > > http users.. > > I see all these messages in my /var/log/messages: > > > > Sep 21 13:23:22 monsterjam cupsd: unable to > > dlopen(/lib/security/pam_unix.so) > > Sep 21 13:23:22 monsterjam cupsd: [dlerror: Cannot open > > "/lib/security/pam_unix.so"] > > Sep 21 13:23:22 monsterjam cupsd: adding faulty module: > > /lib/security/pam_unix.so > > > > Sep 20 22:35:36 monsterjam login: _pam_init_handlers: no default > > config /etc/pam.d/other > > Sep 20 22:35:36 monsterjam login: error reading PAM configuration > > file Sep 20 22:35:36 monsterjam login: pam_start: failed to > > initialize handlers Sep 20 22:35:36 monsterjam login: pam_start: > > Critical error - immediate abort > > > > > > Sep 21 08:40:58 monsterjam login: unable to > > dlopen(/lib/security/pam_unix.so) > > Sep 21 08:40:58 monsterjam login: [dlerror: Cannot open > > "/lib/security/pam_unix.so"] > > Sep 21 08:40:58 monsterjam login: adding faulty module: > > /lib/security/pam_unix.so > > Sep 21 08:40:58 monsterjam login: pam_authenticate: Module is unknown > > > > Ive searched google and cant seem to find out what they mean. > > > > looking at my system, pam_unix.so is in /usr/lib, not /lib/security > > > > monsterjam# locate pam_unix.so > > /usr/lib/pam_unix.so > > > > regular telnet,ssh logins to the box work fine, just not imap, pop3, > > http, what should I do? > > Tentatively, I'd say it looks like someone installed their own (Linux?) > version of PAM on your system in an effort to gain access. > > What does "ls -l /etc/pam.conf" show, and what is in /etc/pam.conf? > > Have you upgraded or installed anything at all recently? > > Also, have you kept up to date on security patches? > > What does "last" show? > > - Bob > > > > > regards, > > Jason > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020921153229.Y44226-100000>