Hello there, I found this bug on bugs.d.o and wondered about it, too. /var/log/auth.log is complaining about the missing scripts. >> can not stat /usr/share/libpam-script/pam_script_ses_open >> can not stat /usr/share/libpam-script/pam_script_auth >> can not stat /usr/share/libpam-script/pam_script_acct
Journalctl is even worse, it prints out these "messages" with priority 3 ("ERROR") in the color red. There are no messages with lower priority on my system - even when something badly goes wrong. >> Can one somehow make it stop invoking those scripts? > I wonder how you got this package. If you don't use it I would recommend > to remove it. > If you do need to execute scripts it would be best to create the files or > symlink them like described in the README.Debian file. Truely: Do you ALWAYS use all possible scripts? I created the scripts I need (ses_open and ses_close), but don't need auth, acct and passwd. libpam-script/README.pam_script says: The scripts can be symbolic links or not exist at all as the case may be. and The scripts must return an exit value of 0 if successful with regards to its purpose; else return a non-zero exit value. The pam_script.so module does not interpret non-zero values as anything else except as the appropriate failure for the given module-type. With that in mind I don't want to mess around with "sufficient"-PAM-scripts that I don't need, instead I just want to take care of those things I really want. Of course an unneeded "sufficient" or "optional" script safely should fail with a non-zero exit-code, but for that you must have a smell of how PAM works and it's not friendly for newbies. IMO a high priority "debug (7)" message or even "info (6)" would be helpfull in case you really "forgot" creating a symlink, but for shure it's no "error" (priority 3) if an unneeded file is missing. Christian