Yesterday hibernated, when restarted this morning the KDE session screen was messed (unreadable, segments of misshaped windows) up so I rebooted (may have powered down as the system may have froze - can’t recall). No issue since upgrade to 13.1 as or release date
After reboot the system says “Logging in account_name” then “Authentication failed” this is at the KDE startup
at virtual terminal I get requested login which I provided then “login incorrect” there was no request for password this is for all accounts including root
at KDM screen I get “a Critical error has occurred. Please look at KDM’s log file …” but there’s nothing of note there
rebooting to failsafe does not help, still no request for password just “login incorrect”
Looked at the log files (using the 12.3 rescue cd) and only thing maybe relevant is in both /var/log/warn and messages files where there is “PAM added faulty module:” messages for pam_unix2.so and pam_pwcheck.so. Preceding line to these are "“PM unable to dlopen (/lib/security/pam_unix2.so) … no such file or directory” - but as this is also in the warn log so not sure this is the problem or normal. Other log files appeared ok. Also the time stamp on the dlopen lines is 5:22am but I also tried logging in at 8:15 and no newer messages are displayed
pam_unix2.so and pam_pwcheck.so are deprecated AFAIK. You could remove the pam_pwcheck lines from /etc/pam.d/* and replace pam_unix2.so with pam_unix.so .
But they are still there in 13.1, so something seems definitely wrong. Maybe try to reinstall the package “pam-modules”.
Since pam_unix2 (and pam_unix) is the “Standard PAM module for traditional password authentication”, this could indeed preventing you from login (and it is set as required in the default pam config).
Btw, if you add “init=/bin/sh” to the kernel command line, you’ll get to a minimal text mode system without having to login.
filesystem was marked clean so I force the fsck but does not change anything
I logged in as suggested to the minimal text mode but obviously no network, is there a way to get network and update all my Pam packages assuming that might be the problem? Or will I need to dl them individually and using usb drive install?
bit of a pain with =/bin/sh getting the packages on the system but it rebooted fine into KDE fine rotfl!
fyi - dl’ed rpms onto usb connected to laptop, ran rescue disk on pc to read and copy rpm files, rebooted to openSUSE with =/bin/sh as kernel option and updated packages - couldn’t figure how to access usb in minimal text mode
On 2013-12-05 15:36, google01103 wrote:
>
> filesystem was marked clean so I force the fsck but does not change
> anything
>
> I logged in as suggested to the minimal text mode but obviously no
> network, is there a way to get network and update all my Pam packages
> assuming that might be the problem? Or will I need to dl them
> individually and using usb drive install?
Yast, network, use traditional or ifup method (ie, not network manager),
then configure it.
–
Cheers / Saludos,
Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)
On 2013-12-05 14:46, wolfi323 wrote:
> pam_unix2.so and pam_pwcheck.so are deprecated AFAIK. You could remove
> the pam_pwcheck lines from /etc/pam.d/* and replace pam_unix2.so with
> pam_unix.so .
> But they are still there in 13.1, so something seems definitely wrong.
Maybe he did an online upgrade, and config was not adapted.
–
Cheers / Saludos,
Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)
pam_unix2 and pam_check are provided by pam_modules which the description states " is necessary for a working SuSE Linux System" Yast allows me to remove it but the description seems to imply it’s important
On a fresh install the newer pam_unix (also included in pam-modules) is configured to be used instead of pam_unix2 and pam_pwcheck though. But it’s not really necessary to change that I would say.
But please note that those common-… files should be symlinks to the corresponding common-…-pc files which contain the actual configuration.
Otherwise automatic configuration changes won’t work when installing/updating/removing packages.
yea I notice that and took it into account, actually after noticing that I copied the xxxx.rpmnew files to xxxx-pc just in case there where other differences and there were some added parameters on some of the lines like “try_first_pass” in common-account-pc and “nulllock try_first_pass” in common-password-pc - not sure they mattered but seemed that if they were now being shipped I should use them
“try_first_pass” is default for pam_unix2, you have to specify it for pam_unix to get the same behaviour.
“nullok” (if that’s what you mean ) allows to set empty passwords.
See “man pam_unix” (or “man pam_unix2”) for more information, if you’re interested.
IIANM, pam_unix2 was an openSUSE specific addon that isn’t necessary anymore, since the “official” pam_unix has gained the same functionality in the meantime.
