search for: pam_loginuid

Hi all, I've had this error rear it's ugly head again and I'm not exactly sure why. The output in /var/log/message is: crond[14764]: pam_loginuid(crond:session): set_loginuid failed opening loginuid crond[14765]: pam_loginuid(crond:session): set_loginuid failed opening loginuid crond[14811]: pam_loginuid(crond:session): set_loginuid failed opening loginuid crond[14842]: pam_loginuid(crond:session): set_loginuid failed opening l...

...n failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=192.168.0.209 user=john Jun 7 18:51:46 moray1 sshd[11348]: Accepted password for john from ::ffff:192.168.0.209 port 57755 ssh2 Jun 7 18:51:46 moray1 sshd(pam_unix)[11352]: session opened for user john by (uid=500) Jun 7 18:51:46 moray1 pam_loginuid[11352]: set_loginuid failed opening loginuid Jun 7 18:51:46 moray1 pam_loginuid[11352]: set_loginuid failed Does any of this make sense? I've tried it on three different clients and get the same thing every time. JDL Jun 7 18:51:46 moray1 sshd[11352]: fatal: PAM session setup failed[14]...

...ount required pam_access.so accessfile=/etc/security/access-sshd.conf account required pam_nologin.so account include system-auth password include system-auth session optional pam_keyinit.so force revoke session include system-auth session required pam_loginuid.so and setup access file /etc/security/access-sshd.conf - : user1 : ALL EXCEPT 1.1.1.1 - : user2 : ALL EXCEPT 2.2.2.2 This setup works fine. I'm able to login from defined sources, but only via password authentication. When I use ssh keys I'm unable to login and in /var/log/secure is th...

...k.so service=system-auth auth sufficient pam_winbind.so account sufficient pam_stack.so service=system-auth account sufficient pam_winbind.so password required pam_stack.so service=system-auth session required pam_stack.so service=system-auth session required pam_loginuid.so

...sion optional pam_keyinit.so force revoke auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed auth required pam_shells.so auth include system-auth account include system-auth session include system-auth session required pam_loginuid.so # grep local /etc/vsftpd/vsftpd.conf local_enable=YES local_umask=022 chroot_local_user=YES # getsebool -a | grep ftp allow_ftpd_anon_write --> off allow_ftpd_full_access --> off allow_ftpd_use_cifs --> off allow_ftpd_use_nfs --> off allow_tftp_anon_write --> off ftp_home_dir --...

I have a couple of workstations that are perfect candidates for Linux at a client's location. The only think i am shaky on is getting CentOS 4.4 to integrate into the AD domain. Any tips links would be highly appreciated. -- My "Foundation" verse: Isa 54:17 No weapon that is formed against thee shall prosper; and every tongue that shall rise against thee in judgment thou

...th required pam_nologin.so account sufficient pam_succeed_if.so user ingroup sshlogin account sufficient pam_succeed_if.so user ingroup wheel password required pam_stack.so service=system-auth session required pam_stack.so service=system-auth session required pam_loginuid.so session sufficient pam_mkhomedir.so skel=/etc/skel umask=0027 # ---------------------------------------------------------------------- The critical lines are: account sufficient pam_succeed_if.so user ingroup sshlogin The above is to allow an AD group "sshlogin" to ssh...

...noreusers root,ldap,named,avahi,haldaemon,dbus,tomcat,radiusd,news,mailman,nscd,jboss /etc/pam.d/crond auth sufficient pam_env.so auth required pam_rootok.so auth include system-auth account required pam_access.so account include system-auth session required pam_loginuid.so session include system-auth /etc/pam.d/system-auth-ac #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_s...

On 04/26/2017 04:22 AM, Gordon Messmer wrote: > On 04/25/2017 03:25 PM, Robert Moskowitz wrote: >> This made the same content as before that caused problems: > > I still don't understand, exactly. Are you seeing *new* problems > after installing a policy? What are the problems? > >> #!!!! The file '/var/lib/mysql/mysql.sock' is mislabeled on your system.

I have a RHEL 6.3 machine successfully bound to AD using winbind, and commands like wbinfo -u and wbinfo -g output the users and groups. I can also log in as any AD user. The problem is, I can log on as any AD user. require_membership_of is being ignored. I can put in a valid group with no spaces in the name, a group by SID, and either way, everyone can log in. I've put this option in both

...m_selinux.so > sshd 3100 root mem REG 9,1 6808 65768 /lib64/security/pam_keyinit.so > sshd 3100 root mem REG 9,1 15048 65770 /lib64/security/pam_limits.so > sshd 3100 root mem REG 9,1 6584 65773 /lib64/security/pam_loginuid.so > sshd 3100 root mem REG 9,1 5080 65803 /lib64/security/pam_warn.so > sshd 3100 root DEL REG 0,9 3642362 /dev/zero > sshd 3100 root 0u CHR 1,3 1908 /dev/null > sshd 3100 root 1u CHR...

...th include password-auth account required pam_nologin.so account include password-auth password include password-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_loginuid.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open env_params session optional pam_keyinit.so force revoke session include password-auth However, when I rebuild this exac...

...th include password-auth account required pam_nologin.so account include password-auth password include password-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_loginuid.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open env_params session optional pam_keyinit.so force revoke session include password-auth However, when I rebuild this exac...

...lude postlogin account required pam_sepermit.so account required pam_nologin.so account include password-auth password include password-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_loginuid.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open env_params session required pam_namespace.so session optional pam_keyinit.so force revoke #session optional pam_motd.so session include...

...the /etc/pam.d/vsftpd -------------- [root@ftp ~]# cat /etc/pam.d/vsftpd #%PAM-1.0 auth?????? required???? pam_krb5.so try_first_pass auth?????? required???? pam_shells.so account??? required???? pam_krb5.so try_first_pass session??? required???? pam_krb5.so try_first_pass session??? required???? pam_loginuid.so [root@ftp ~]# -------------- Output of klist command -------------- [root@ftp ~]# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: test2@GOTEST.COM Valid starting???? Expires??????????? Service principal 02/08/06 12:56:55? 02/08/06 22:56:56? krbtgt/GOTEST.COM@GOTEST.COM ??????? renew...

...ice: # tail /path/to/rootfs/of/container/var/log/secure Jul 27 04:25:25 xen2143v sshd[671]: Accepted password for zhangyufang from 10.0.0.1 port 34102 ssh2 Jul 27 04:25:25 xen2143v sshd[671]: pam_unix(sshd:session): session opened for user zhangyufang by (uid=0) Jul 27 04:25:25 xen2143v sshd[671]: pam_loginuid(sshd:session): set_loginuid failed *Jul 27 04:25:25 xen2143v sshd[671]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session* *Jul 27 04:25:25 xen2143v sshd[674]: error: open /dev/tty failed - could not set controlling tty: No such file or directory* *Jul 27 04:25:2...

...include system-auth account required pam_nologin.so account include system-auth password include system-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session include system-auth session required pam_loginuid.so session optional pam_console.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so pam_limits.so open session optional pam_keyinit.so force revoke What am I doing wrong? S.

...required pam_stack.so service=system-auth password required pam_stack.so service=system-auth session required pam_selinux.so close session required pam_mkhomedir.so skel=/etc/skel umask=0077 session required pam_stack.so service=system-auth session required pam_loginuid.so session optional pam_timestamp.so session optional pam_console.so session required pam_selinux.so multiple open --- End of: /etc/pam.d/login ---- Thanks for your help! Jo -- jT | mail to: hyvan_trant@hotmail.com ** | website: http://www.chiark.greenend.org.uk/~jsturner/

...d pam_sepermit.so auth include password-auth account required pam_nologin.so account include password-auth password include password-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_loginuid.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open env_params session optional pam_keyinit.so force revoke session include password-auth System information: Linux testbox01 2.6.32-431.el6.x86_6...

...d??? pam_nologin.so ??? auth??????? include???? system-auth ??? account???? required??? pam_access.so ??? account???? required??? pam_nologin.so ??? account???? required??? pam_time.so ??? account???? include???? system-auth ??? password??? include???? system-auth ??? session???? optional??? pam_loginuid.so ??? session???? required??? pam_env.so envfile=/etc/profile.env ??? session???? optional??? pam_lastlog.so silent ??? session???? include???? system-auth ??? session???? optional??? pam_motd.so motd=/etc/motd ??? session???? optional??? pam_mail.so ??? -session??? optional??? pam_elogind.s...