PAM Error in Heron


After recently installing Ubuntu 8.04 on one of my boxes, I have only two complaints.

1) The laptop I have apparently has the only unsupported Atheros wireless chipset in history (AR242X).

2) Every two or three minutes, an error shows up in /var/log/auth.log (username removed):

May 13 21:26:03 neon sudo: username_removed : TTY=pts/3 ; PWD=/etc/pam.d ; USER=root ; COMMAND=/usr/bin/vi common-password
May 13 21:26:03 neon sudo: PAM unable to dlopen(/lib/security/
May 13 21:26:03 neon sudo: PAM [error: /lib/security/ cannot open shared object file: No such file or directory]
May 13 21:26:03 neon sudo: PAM adding faulty module: /lib/security/
May 13 21:26:03 neon sudo: pam_unix(sudo:session): session opened for user root by username_removed(uid=0)
May 13 21:26:03 neon sudo: pam_unix(sudo:session): session closed for user root

This message also appears whenever you sudo anything, filling up the auth log and making it virtually impossible to quickly skim through it and see meaningful messages. The error appears to be related to an auth mechanism that comes pre-enabled for SAMBA. Why that would come pre-enabled is beyond me, but the fix appears to be relatively simple.

In /etc/pam.d/common-password, find the line that says:

password optional nullok use_authtok use_first_pass

...and comment it out. Next, find

auth optional migrate /etc/pam.d/common-auth and comment that out as well.

Done and done. Enjoy your minty-fresh auth log.

About this Entry

This page contains a single entry by Philip Ratzsch published on May 13, 2008 9:37 PM.

MAC spoofing was the previous entry in this blog.

Rackspace Developers Conference is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.