pam_sm_chauthtok: ∞ (approx), me: 1


Holy authentication labyrinths, Batman!

For years, I have been getting messsages on the console of my FreeBSD servers like:

Oct 19 15:40:32 pacific /kernel: Oct 19 15:40:32 pacific sshd[41359]: unable to resolve symbol: pam_sm_chauthtok

Not only from sshd, but any application that had to perform some sort of authentication. Now, I knew the pam_chauthtok primitive is part of the PAM password facility and I had tried commenting out the facility completely, using or, searching Google and the FreeBSD mailing lists, to no avail.

But I've just fixed it!

Turns out that even though I'm using the new-ish, separate files in /etc/pam.d configuration style (rather than one big /etc/pam.conf file) the other service still gets consulted if a facility hasn't been specified for the service. I assume it is also consulted if the control flags for a service can allow it to fall through.

So commenting out the facility in the appropriate service files and other fixed it. I was skimming an introduction to PAM on FreeBSD when the idea occured to me.


In other news, Operations Research II sucks.

Posted Tuesday, October 19, 2004 at 16:10.


TrackBack URL for this post:


Add a Comment



Preview your comment before submitting.