Package: libpam-modules
Version: 1.1.8-3.1
Severity: normal
Dear Maintainer,
I tried to configure the pam_tty_audit module.
I edited the /etc/pam.d/common-session file and at the end of it added
the following line as per the the pam_tty_audit(8) man page:
session required pam_tty_audit.so disable=* enable=root
After doing that, I try to gain root access by running 'su -' and I'm
presented with an error and the su fails:
$ su -
Password:
su: Cannot make/remove an entry for the specified session
$
In the /var/logl/auth.log file are the corresponding errors:
Feb 18 13:55:54 dwper-ansible su[41264]: Successful su for root by jimb
Feb 18 13:55:54 dwper-ansible su[41264]: + /dev/pts/0 jimb:root
Feb 18 13:55:54 dwper-ansible su[41264]: pam_unix(su:session): session
opened for user root by jimb(uid=1000)
Feb 18 13:55:54 dwper-ansible su[41264]: pam_tty_audit(su:session):
error setting current audit status: Invalid argument
Feb 18 13:55:54 dwper-ansible su[41264]: pam_open_session: Cannot
make/remove an entry for the specified session
Removing the line from the /etc/pam.d/common-session file allows the su
command to work again.
The host is running the Debian testing distribution with all current
updates installed.
Regards,
Jim Barber
-- System Information:
Debian Release: 8.0
APT prefers testing
APT policy: (990, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages libpam-modules depends on:
ii debconf [debconf-2.0] 1.5.55
ii libaudit1 1:2.4-1+b1
ii libc6 2.19-13
ii libdb5.3 5.3.28-7~deb8u1
ii libpam-modules-bin 1.1.8-3.1
ii libpam0g 1.1.8-3.1
ii libselinux12.3-2
libpam-modules recommends no packages.
libpam-modules suggests no packages.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org