problems with shadow

b-vol lux-integ at
Fri Jun 27 10:58:54 PDT 2008

On Friday 27 June 2008 06:03:47 am DJ Lucas wrote:
> b-vol wrote:
> > Greetings
> >
> >
> > I have installed  Linux-PAM-
> > and shadow-  as per the recipe given in 
> > BLFS-svn-may152008
> >
> > I am not using cracklib.
> <Snip>
> > on login  these errors are reported as
> > configuration error -unknown item 'OBSCURE_CHECKS_ENAB' (nofify
> > Administrator) configuration error -unknown item 'CRACKLIB_DICTPATH'
> > (nofify Administrator) configuration error -unknown item
> > 'PASS_CHANGE_TRIES' (nofify Administrator) configuration error -unknown
> > item 'PASS_ALWAYS_WARN' (nofify Administrator)
> The command you mentioned above should comment those lines out of
> /etc/login.defs for you.  Put login.defs.orig back in place and rerun
> the commands.
> > if   after login  the 'useradd -m command ' is issued,  it appears to
> > work (with configuration error warnings above)  and but the  passwd
> > command receives
> > "user not known to the underlying authentication module"
> >
> >
> > when the above  (eg 'OBSCURE_CHECKS_ENAB' et al   edited out
> > of /etc/login.defs, the login returns to normal.
> Again, they should have been 'edited out' already.
> > The  'useradd' -m command   then appears to work
> > Then  the 'passwd'  command appears to work
> > but a login to  the newely created user results in
> >
> > "user not known to the underlying authentication module"
> First, give it a second try if logging in from an already spawned login.
>   Also, what result do you get from su <newusername>?  Verify that you
> have moved the su and login from /usr/bin to /bin ?  Also, you don't by
> chance have a kerberos installation laying around do you?  Again, wrong
> login/su binaries.
> Next, I'd try and wipe everything in /etc/pam.d/* and recreate the files
> using the instructions in the book (paying special attention to the
> with{,out} cracklib comments).
> Failing that, do what the book says to do, re-install shadow without PAM
> support by adding the --without-libpam switch, restore login.defs from
> login.defs.orig, set a password for a test user, make sure that
> *everything* works as it did before you started, and then wipe
> /etc/pam.{d/*,conf} and retry the PAM and Shadow installations again.
> -- DJ Lucas
recompiling with --without-libpam  has seen  login and  su all working fine.
There seems to be a problem with shadow working with  PAM,  I have tried   
this version of shadow with PAM- and PAM-1.0.1  with the same effect 
Is it worth trying  a later version of   shadow and if so will  the patch 
still be necessary? 


Money only has value when people trust it. 
If the trust goes -then poooof!
Buy gold people

--Anonymous 2008

More information about the blfs-support mailing list