1 |
|
2 |
Hello,
|
3 |
I've noticed a problem with the current PAM update to
|
4 |
sys-libs/pam-1.4.0. |
5 |
|
6 |
|
7 |
The update adds passwdqc USE to sys-auth/pambase, which pulls in
|
8 |
sys-auth/passwdqc. However sys-auth/passwdqc fails to build on my
|
9 |
system, and leaves me with an installed sys-libs/pam-1.4.0 which is
|
10 |
broken and does not allow any new login.
|
11 |
The end result is that sys-libs/pam-1.4.0 was successfully merged but
|
12 |
sys-auth/pambase will not be merged, due to a build failure in passwdqc.
|
13 |
Disabling the USE flag passwdqc for pambase allows an update to pambase
|
14 |
too, and logins work again. |
15 |
|
16 |
|
17 |
|
18 |
This is a warning to anyone out there who updates daily and runs an
|
19 |
~amd64. |
20 |
|
21 |
|
22 |
|
23 |
One system that I updated and restarted, I cannot login to it anymore
|
24 |
(or ssh into it). Another system that I updated and currently am
|
25 |
writing from, I'm still logged in after the broken update. and I can
|
26 |
see the following error message (before disabling the USE flag passwdqc
|
27 |
for the package pambase):
|
28 |
PAM unable to dlopen(/lib64/security/pam_cracklib.so): /lib64/security/pam_cracklib.so: cannot open shared object file: No such file or directory
|
29 |
PAM adding faulty module: /lib64/security/pam_cracklib.so |
30 |
|
31 |
|
32 |
|
33 |
After doing a
|
34 |
USE=-passwdqc emerge -a1 pambase
|
35 |
the error messages disappear from the system logs and I am able to
|
36 |
login to my machine again. However if you reboot with the broken state
|
37 |
you will have a hard time updating it, since you cannot login to your
|
38 |
machine anymore and need a chroot from a live system. |
39 |
|
40 |
|
41 |
|
42 |
The bug report for passwdqc is here:
|
43 |
https://bugs.gentoo.org/728528 |
44 |
|
45 |
|
46 |
|
47 |
Cheers
|
48 |
Andreas |
49 |
|
50 |
|
51 |
|