pam_sm_chauthtok: ∞ (approx), me: 1
Holy authentication labyrinths, Batman!
For years, I have been getting messsages on the console of my FreeBSD servers like:
Oct 19 15:40:32 pacific /kernel: Oct 19 15:40:32 pacific sshd: unable to resolve symbol: pam_sm_chauthtok
Not only from sshd, but any application that had to perform some sort of authentication. Now, I knew the
pam_chauthtok primitive is part of the PAM
password facility and I had tried commenting out the facility completely, using
pam_permit.so, searching Google and the FreeBSD mailing lists, to no avail.
But I've just fixed it!
Turns out that even though I'm using the new-ish, separate files in
/etc/pam.d configuration style (rather than one big
/etc/pam.conf file) the
other service still gets consulted if a facility hasn't been specified for the service. I assume it is also consulted if the control flags for a service can allow it to fall through.
So commenting out the facility in the appropriate service files and
other fixed it. I was skimming an introduction to PAM on FreeBSD when the idea occured to me.
In other news, Operations Research II sucks.
Posted Tuesday, October 19, 2004 at 16:10.
TrackBack URL for this post: http://volition.vee.net/mt/mt-idle-trackback.cgi/350