Re: 2.6.13-rc6-mm1

Hi,

On 21/08/2005 1:40 a.m., David Woodhouse wrote:

On Fri, 2005-08-19 at 18:36 -0700, Andrew Morton wrote:

Reuben Farrelly <[email protected]> wrote:

...

4. PAM is complaining about "PAM audit_open() failed: Protocol not suppor

ted" and I can't log in as any user including root. I would have picked this was a userspace problem, but it doesn't break with -rc5-mm1, yet reproduceably breaks with -rc6-mm1. Weird.

hm.  How come you're able to use the machine then?

Machine was booting up ok, and things were being written to syslog. Rebooted into -rc5-mm1 to investigate, and of course could boot into rc6-mm1 in single user mode, test and bring services up one by one from there. Having two boxes helped too.

Is it possible to get an strace of this failure somehow?

Not sure if this is needed anymore, as I found that the problem goes away when I compile in kernel auditing. This not required for -rc5-mm1. Is that change intended?

Sounds wrong to me, especially if 2.6.13-rc6 doesn't do that.

Hm. It sounds like you'd configured PAM to require the pam_loginuid
module even though you didn't have auditing enabled in your kernel. That
seems strange and wrong to me, and _is_ a userspace problem.

I haven't touched my pam config since it was installed a long time ago - it's one of those things that is too annoying to fix once broked, so I leave it alone at the system defaults ;)

I had logged this as a Fedora bug as I figured the pam_loginuid

detection of the presence of auditing in the kernel is not very robust. There was a patch modified in pam-0.80-6 at the start of August which was to fix this on non audit enabled kernels, which works for anything up to and older than 2.6.12-rc5-mm1.

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166422

It was closed 8 mins later, and the suggestion made that I take it to a pam development list instead. Redhat don't seem so interested in fixing things as a result of breakage when running an -mm kernel.

I'd also agree that it shouldn't have changed with the new kernel though
-- and I can't think of anything I changed recently which would have
that effect. An strace would still be useful.

Done.  Posted up at  http://www.reub.net/kernel/strace-login

Can you double-check that you didn't have auditing enabled in your
older, working kernel?

Definitely wasn't enabled.  I still have the .config that I used to build
-rc5-mm1 with and my original -rc6-mm1 and it reads:

CONFIG_SYSCTL=y
# CONFIG_AUDIT is not set
CONFIG_HOTPLUG=y

Thanks for taking a look.

Reuben




-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• References:
  • 2.6.13-rc6-mm1
    • From: Andrew Morton <[email protected]>
  • Re: 2.6.13-rc6-mm1
    • From: Reuben Farrelly <[email protected]>
  • Re: 2.6.13-rc6-mm1
    • From: Andrew Morton <[email protected]>
  • Re: 2.6.13-rc6-mm1
    • From: Reuben Farrelly <[email protected]>
  • Re: 2.6.13-rc6-mm1
    • From: Andrew Morton <[email protected]>
  • Re: 2.6.13-rc6-mm1
    • From: David Woodhouse <[email protected]>

• Prev by Date: Re: s390 build fix.
• Next by Date: Re: 2.6.13-rc6-mm1
• Previous by thread: Re: 2.6.13-rc6-mm1
• Next by thread: Re: 2.6.13-rc6-mm1
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]