pam_sm_chauthtok missing, and automatic pam-auth-update causing problems
When I install libpam-
The problem is that common-password is modified, but it appears that the pam_sm_chauthtok symbol isn't present in the library. This causes the PAM password service to fail, and the following message appears in /var/log/auth.log
Aug 16 23:17:54 192-168-3-4 passwd[6070]: PAM unable to resolve symbol: pam_sm_chauthtok
Perhaps the module in the Ubuntu distro is being compiled without PAM_SM_PASSWORD defined?
As a side note, if the package install scripts automatically runs pam-auth-update tacplus, it makes it impossible to include libpam-tacplus in a distro. This is because configuration for libtacplus is added to the common-* files, but no TACACS+ server is configured. This causes all logins to fail with the following (in auth.log):
Aug 16 23:15:30 192-168-3-4 PAM-tacplus[6022]: TACACS+ service type not configured
We've tried to create an appliance that contains libpam-tacplus, but after installation, it's impossible to log in for the reason stated above. The only way to recover is to boot into single-user mode and unconfigure libpam-tacplus (or point it at a TACACS+ server).
I suppose we could work around this by running pam-auth-update -r tacplus, later in our appliance install process, but I would prefer if pam-auth-update were not run automatically on package install.
Thanks
Question information
- Language:
- English Edit question
- Status:
- Answered
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Can you help with this problem?
Provide an answer of your own, or ask Gordon Good for more information if necessary.