Bug #2407
openpam won't look for pkgsrc pam module path
| Status: | New | Start date: | 08/18/2012 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 0% |
|
| Category: | - | |||
| Target version: | - |
Description
When I try to load pam modules that where installed from pkgsrc, they're installed in /usr/pkg/lib/security, which is not included in the openpam's search paths defined at compile time. I'm getting this error:
Aug 18 12:45:38 yyy login: in openpam_dynamic(): No such file or directory
Aug 18 12:45:38 yyy login: in openpam_load_module(): no pam_xxx.so found
Aug 18 12:45:38 yyy login: pam_start(): system error
The complete path is not specified in the default pam.d service files that comes with DragonFly.
Related todos
History
Updated by swildner 10 months ago
- Priority changed from Low to Normal
Can you describe a bit what you are doing?
How are you loading them? Does it work if you pass an absolute path to openpam_load_module()?
Which are the pkgsrc packages that have the modules?
Regards,
Sascha
Updated by swildner 10 months ago
After re-reading your report, I assume you are passing the module name somewhere in /etc/pam.d.
Does it work if you specify an absolute path to the module(s) in pkgsrc there?
Updated by srussell 10 months ago
I'm not sure about your last question. I'm adding the pam-krb5 package alone, to use with login, xdm and the like. So the problem is not with any specific package. Theses clients are not aware of the existence of pam-krb5 itself. For what I understand, all path specifications can only be done in /etc/pam.d.
The default pam configuration files in DragonFly and pkgsrc are specifying pam_krb5.so without the path. pkgsrc seems to take for granted that /usr/pkg/lib/security is in the libpam search path. To fix this, I added the complete path with all pam_krb5.so modules with success.
I noticed that the build of libpam is made with this flag: -DOPENPAM_MODULES_DIR='"/usr/lib/security/"'
This flag is defined here:
lib/libpam/Makefile:MODULE_DIR= ${LIBDIR}/security
lib/libpam/Makefile:CFLAGS+= -DOPENPAM_MODULES_DIR='"${MODULE_DIR}/"'
This parameter is hardcoded and for what I see, there is no way to add dynamically other search paths.
Updated by swildner 10 months ago
On Sun, 02 Sep 2012 15:30:27 +0200, Stephane Russell via Redmine
<bugtracker-admin@leaf.dragonflybsd.org> wrote:
> The default pam configuration files in DragonFly and pkgsrc are
> specifying pam_krb5.so without the path. pkgsrc seems to take for
> granted that /usr/pkg/lib/security is in the libpam search path. To fix
> this, I added the complete path with all pam_krb5.so modules with
> success.
>
> I noticed that the build of libpam is made with this flag:
> -DOPENPAM_MODULES_DIR='"/usr/lib/security/"'
>
> This flag is defined here:
> lib/libpam/Makefile:MODULE_DIR= ${LIBDIR}/security
> lib/libpam/Makefile:CFLAGS+= -DOPENPAM_MODULES_DIR='"${MODULE_DIR}/"'
>
> This parameter is hardcoded and for what I see, there is no way to add
> dynamically other search paths.
Yeah this is what I meant, it is just one dir and not a list. The only way
to override it (from looking at openpam_dynamic.c) seems to be an absolute
path:
[...]
/* Prepend the standard prefix if not an absolute pathname. */
if (path[0] != '/')
prefix = OPENPAM_MODULES_DIR;
else
prefix = "";
[...]
Sascha