Mel wrote:
On Saturday 01 September 2007 10:54:58 Rolf G Nielsen wrote:
I just installed 7.0-CURRENT (after someone said on this list that it's
very stable and there are very few bugs left). So far it seems to work
fine, but there's one thing that bothers me. I repeatedly get the
following messages in the console:
in openpam_dispatch(): pam_nologin.so: no pam_sm_authenticate()
in openpam_dispatch(): pam_nologin.so: no pam_sm_setcred()
One of those, or sometimes both, appear every time someone logs in, and
since I use fetchmail to get mail from several accounts and deliver them
locally, and then a local POP3 server from which my mail clients gets
the mail, the logins, and thus the warning/error messages, are quite
frequent.
Now for my actual questions:
1. How severe are those messages? Should I assume that there are
security holes?
Don't think so. I think you didn't recompile PAM-aware software (like
fetchmail and qpopper) so PAM warns you they didn't call the proper
functions.
2. How do I get rid of the messages? No matter how severe they are, I do
NOT want them filling up the console. So how could I correct the problem?
Silence it by altering auth.notice to auth.none on the /dev/console line
in /etc/syslog.conf and then restart syslogd (/etc/rc.d/syslogd restart).
2a. Why do those messages appear at all? Could I have done something
wrong when building and installing world and/or kernel?
I think it's mostly the port software. Sshd for instance shouldn't generate
this problem.
Here's exactly what I've done:
1. I downloaded the sources into a separate source tree (to keep the 6.2
sources if I wanted to roll back), /usr/src7.
2. I copied my kernel config file from /usr/src/sys/i386/conf to
/usr/src7/sys/i386/conf.
3. I edited the kernel config file, comparing it to
/usr/src7/sys/conf/NOTES and /usr/src7/sys/i386/conf/NOTES, to remove
any deprecated options and possibly add new options I might be interested in
4. I edited config files, to temporarily disable autoload of nvidia
driver, starting up xdm and some apps such as fetchmail and popd.
5. (leaving out obvious bits, such as mounting and cd'ing)
a. make -DALWAYS_CHECK_MAKE buildworld
b. make -DALWAYS_CHECK_MAKE KERNCONF=TRAPPER buildkernel
c. make -DALWAYS_CHECK_MAKE KERNCONF=TRAPPER KODIR=/boot/testkernel
installkernel
d. nexkboot -k testkernel (to make sure new kernel would boot)
e. reboot
f. make -DALWAYS_CHECK_MAKE KERNCONF=TRAPPER installkernel
g. reboot into single user
h. mergemaster -p
i. make -DALWAYS_CHECK_MAKE installworld
j. make delete-old
k. mergemaster
l. reboot
6. Here's when I first noticed those warnings
7.
a. portupgrade -fax nvidia-driver
b. portupgrade -f nvidia-driver
8. I edited the config files to re-enable what I disabled in 4.
9. reboot.
I'd be happy to send anyone my kernel config file, if you think that
might be the cause.
--
Sincerly,
Rolf Nielsen
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
