Package: vmware-package
Version: 0.12
Severity: wishlist
--- Please enter the report below this line. ---
Using the configuration for vmware-authd from /etc/pam.d/vmware-authd as
built by vmware-package fails to authenticate users on amd64 with vmware
server 1.0.3 using the vmware any-any patchset v113.
Steps to reproduce:
Authenticating using e.g. vmware-server-console from a remote machine
produces the following output in /var/log/auth.log:
(date, time, hostname and application name - the latter being
vmware-authd - were cut off to increase readability)
PAM unable to
dlopen(/usr/lib/vmware-server/lib/libpam.so.0/security/pam_unix2.so)
PAM [error: /usr/lib/vmware-server/lib/libpam.so.0/security/pam_unix2.so:
cannot open shared object file: No such file or directory]
PAM adding faulty module:
/usr/lib/vmware-server/lib/libpam.so.0/security/pam_unix2.so
PAM (other) illegal module type: @include
PAM pam_parse: expecting return value; [...common-auth]
PAM (other) no module name supplied
PAM unable to dlopen(*unknown module path*)
PAM [error: *unknown module path*: cannot open shared object file: No such
file or directory]
PAM adding faulty module: *unknown module path*
PAM (other) illegal module type: @include
PAM pam_parse: expecting return value; [...common-account]
PAM (other) no module name supplied
PAM (other) illegal module type: @include
PAM pam_parse: expecting return value; [...common-password]
PAM (other) no module name supplied
PAM (other) illegal module type: @include
PAM pam_parse: expecting return value; [...common-session]
PAM (other) no module name supplied
This is due to the default /etc/pam.d/vmware-authd configuration:
#%PAM-1.0
auth required /lib/security/pam_unix_auth.so shadow nullok
accountrequired /lib/security/pam_unix_acct.so
Changing it to use the system pam library makes it fail as well due to
the 32bit nature of the vmware-authd binary - on amd64 at least.
Suggested fix:
This problem can be solved using the pam libraries shipped with vmware
server, as suggested in [
http://ubuntuforums.org/showthread.php?t=426026 ], using the following
lines in /etc/pam.d/vmware-authd:
#%PAM-1.0
auth sufficient /usr/lib/vmware-server/lib/libpam.so.0/security/pam_unix2.so
shadow null ok
auth required /usr/lib/vmware-server/lib/libpam.so.0/security/pam_unix_auth.so
shadow nullok
account sufficient /usr/lib/vmware-server/lib/libpam.so.0/security/pam_unix2.so
account required
/usr/lib/vmware-server/lib/libpam.so.0/security/pam_unix_acct.so
--- System information. ---
Debian Release: 4.0
APT prefers stable
APT policy: (800, 'stable'), (750, 'stable'), (500, 'testing')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.22-1-amd64
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
--- Package information. ---
Depends (Version) | Installed
===-+-===
ii bzip2 1.0.3-6 high-quality block-sorting file co
ii debhelper 5.0.42 helper programs for debian/rules
ii dpkg-dev1.13.25 package building tools for Debian
ii fakeroot1.5.10 Gives a fake root environment
ii file4.17-5etch2 Determines file type using magic
ii make3.81-2 The GNU version of the make util
ii module-assistant0.10.8 tool to make module package creati
ii python 2.4.4-2 An interactive high-level object-o
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
