FS#1524 - undefined symbols in pam_userdb.so
Attached to Project:
Arch Linux
Opened by Andrew Whitson (MEfreak) - Saturday, 25 September 2004, 12:15 GMT
Last edited by Judd Vinet (judd) - Saturday, 16 October 2004, 17:39 GMT
Opened by Andrew Whitson (MEfreak) - Saturday, 25 September 2004, 12:15 GMT
Last edited by Judd Vinet (judd) - Saturday, 16 October 2004, 17:39 GMT
|
Details
I'm running into undefined symbols in pam_userdb.so with the
latest version of pam (0.77-6). I discovered this problem
while trying to use vsftpd with pam support to authenticate
virtual users. Similar bugs have been filed at Gentoo and
Red Hat's Bugzilla, with evidence pointing to pam not being
compiled properly against berkely db.
The errors I receive when trying to use pam_userdb.so are shown below. See http://bbs.archlinux.org/viewtopic.php?t=6846 for more information. Sep 17 10:31:20 server vsftpd: PAM unable to dlopen(/lib/security/pam_userdb.so) Sep 17 10:31:20 server vsftpd: PAM [dlerror: /lib/security/pam_userdb.so: undefined symbol: dbm_open] Sep 17 10:31:20 server vsftpd: PAM adding faulty module: /lib/security/pam_userdb.so Sep 17 10:31:20 server vsftpd: PAM unable to dlopen(/lib/secutiry/pam_userdb.so) Sep 17 10:31:20 server vsftpd: PAM [dlerror: /lib/secutiry/pam_userdb.so: cannot open shared object file: No such file] Sep 17 10:31:20 server vsftpd: PAM adding faulty module: /lib/secutiry/pam_userdb.so [root@server etc]# ldd -r /lib/security/pam_userdb.so linux-gate.so.1 => (0xffffe000) libc.so.6 => /lib/libc.so.6 (0x40007000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x80000000) undefined symbol: dbm_open (/lib/security/pam_userdb.so) undefined symbol: dbm_fetch (/lib/security/pam_userdb.so) undefined symbol: dbm_close (/lib/security/pam_userdb.so) undefined symbol: dbm_firstkey (/lib/security/pam_userdb.so) undefined symbol: dbm_nextkey (/lib/security/pam_userdb.so) undefined symbol: pam_get_user (/lib/security/pam_userdb.so) undefined symbol: pam_get_item (/lib/security/pam_userdb.so) undefined symbol: pam_set_item (/lib/security/pam_userdb.so) |
This task depends upon
Closed by Judd Vinet (judd)
Thursday, 30 December 2004, 02:34 GMT
Reason for closing: Fixed
Additional comments about closing: this problem is fixed in pam 0.78-1
Thursday, 30 December 2004, 02:34 GMT
Reason for closing: Fixed
Additional comments about closing: this problem is fixed in pam 0.78-1
I think I have a correct pam_userdb.so built. Please try this new PAM package and let me know if it works or not. Thanks.
http://www.archlinux.org/~judd/pam-0.77-8.pkg.tar.gz
- Good News
The undefined symbols and associated errors are now gone. Looks like pam_userdb.so is fixed up in that respect.
- Bad News
Now Pam's user_lookup function in pam_userdb.so is failing, refusing to open a db file created via the db_load function:
pam_userdb[6183]: user_lookup: could not open database `/etc/vsftpdlogin'
A google search for the error message led me to believe that the problem is in the version of berkely db used to create the database file. Namely, pam_userdb.so wants a database created with db version 3. I must admit, however, that the links discussing the issue are dated (note the reference to libdb2 in the link below), and I can't say one way or another if the current version of db (4.X on Arch, iirc) *should* work with pam_userdb.so.
From http://worldserver3.oleane.com/bouynot/gabuzomeu/alex/doc/vsftpd/ (page is not in english):
Caution: use db3_load of the package libdb3-util and not db_load of the package libdb2-util. If not, the data base will not be readable and the authentification will fail (characteristic error: " pam_userdb[214 ]: user_lookup: could not open database `/etc/vsftpd' ").
If this is another issue altogether, I will be happy to generate another bug report. Or perhaps it's as simple as "pebkac" errors :)
Thanks for the work, Judd.
Andrew