Date: Sat, 1 Sep 2007 15:44:51 +0200 From: Mel <fbsd.questions@rachie.is-a-geek.net> To: freebsd-questions@freebsd.org Subject: Re: PAM issues in -CURRENT (supplement) Message-ID: <200709011544.51498.fbsd.questions@rachie.is-a-geek.net> In-Reply-To: <46D95CBD.7050403@lazlarlyricon.com> References: <46D928E2.1050907@lazlarlyricon.com> <200709011320.58769.fbsd.questions@rachie.is-a-geek.net> <46D95CBD.7050403@lazlarlyricon.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Saturday 01 September 2007 14:36:13 Rolf G Nielsen wrote: > Mel wrote: > > On Saturday 01 September 2007 10:54:58 Rolf G Nielsen wrote: > >> I just installed 7.0-CURRENT (after someone said on this list that it's > >> very stable and there are very few bugs left). So far it seems to work > >> fine, but there's one thing that bothers me. I repeatedly get the > >> following messages in the console: > >> > >> in openpam_dispatch(): pam_nologin.so: no pam_sm_authenticate() > >> in openpam_dispatch(): pam_nologin.so: no pam_sm_setcred() > >> > >> One of those, or sometimes both, appear every time someone logs in, and > >> since I use fetchmail to get mail from several accounts and deliver them > >> locally, and then a local POP3 server from which my mail clients gets > >> the mail, the logins, and thus the warning/error messages, are quite > >> frequent. > >> > >> Now for my actual questions: > >> > >> 1. How severe are those messages? Should I assume that there are > >> security holes? > > > > Don't think so. I think you didn't recompile PAM-aware software (like > > fetchmail and qpopper) so PAM warns you they didn't call the proper > > functions. > > > >> 2. How do I get rid of the messages? No matter how severe they are, I do > >> NOT want them filling up the console. So how could I correct the > >> problem? > > > > Silence it by altering auth.notice to auth.none on the /dev/console line > > in /etc/syslog.conf and then restart syslogd (/etc/rc.d/syslogd restart). > > > >> 2a. Why do those messages appear at all? Could I have done something > >> wrong when building and installing world and/or kernel? > > > > I think it's mostly the port software. Sshd for instance shouldn't > > generate this problem. > > Here's exactly what I've done: > > 1. I downloaded the sources into a separate source tree (to keep the 6.2 > sources if I wanted to roll back), /usr/src7. Aha! [1] > k. mergemaster [1] Are you sure temproot was made using /usr/src7 and not /usr/src? I'm pretty sure this is the culprit. The only thing different that I did, was using a cross-partition install (so that machine can boot -stable and -current) and the major diff with that is, that you get a virgin /etc/. Another minor diff is that you're recommended to recompile after booting into -current, however, I still have the auth log from the first boot and did not find any messages similar to yours, which I should have if it's a problem in -current. If you suspect the mergemaster problem: mv /usr/src /usr/src6 ln -s /usr/src7 /usr/src mergemaster -- Mel People using reply to all on lists, must think I need 2 copies.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200709011544.51498.fbsd.questions>