Here is what was happening, and how I fixed it. First of all, I had to reboot into "linux single" just so that I could get to root and read the log files. If you do not know what "linux single" is, email me, and I'll let you know.
Anyway, whenever I tried to login using the normal gdm interface, these messages appeared in /var/log/secure:
Jul 9 09:03:10 lost pam: gdm-fingerprint[930]: PAM unable to dlopen(/lib/security/pam_fprintd.so): /lib/security/pam_fprintd.so: cannot open shared object file: No such file or directory
Jul 9 09:03:10 lost pam: gdm-fingerprint[930]: PAM adding faulty module: /lib/security/pam_fprintd.so
Jul 9 09:03:21 lost pam: gdm-password[991]: gkr-pam: couldn't run gnome-keyring-daemon: Permission denied
Jul 9 09:03:21 lost pam: gdm-password[929]: gkr-pam: gnome-keyring-daemon didn't start properly properly
Jul 9 09:03:21 lost pam: gdm-password[929]: pam_unix(gdm-password:session): session opened for user geek by (uid=0)
Jul 9 09:03:22 lost pam: gdm-password[929]: pam_unix(gdm-password:session): session closed for user geek
Then when I tried to login using the console, these messages appeared in /var/log/secure:
Jul 9 09:03:30 lost login: PAM unable to dlopen(/lib/security/pam_fprintd.so): /lib/security/pam_fprintd.so: cannot open shared object file: No such file or directory
Jul 9 09:03:30 lost login: PAM adding faulty module: /lib/security/pam_fprintd.so
Jul 9 09:03:34 lost login: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Jul 9 09:03:34 lost login: ROOT LOGIN ON tty2
Jul 9 09:03:34 lost login: pam_unix(login:session): session closed for user root
Well this made sense after seeing the following:
[root@lost ~]# ls -l /lib/security/pam_fprintd.so
lrwxrwxrwx. 1 root root 20 2009-07-09 10:59 /lib/security/pam_fprintd.so -> pam_fprintd.so.0.0.0
[root@lost ~]# ls -l /lib/security/pam_fprintd.so.0.0.0
ls: cannot access /lib/security/pam_fprintd.so.0.0.0: No such file or directory
I'm not sure why the package called fprintd-pam.i586 installs a file that links to "No such file or directory". But removing fprintd-pam.i586 and gdm-fingerprint did not help.
The quickest solution for this issue was to disable selinux. Surely there is a better solution. If you know what that is, let us know.
Thursday, July 09, 2009
Subscribe to:
Post Comments (Atom)
Posts
4 comments:
Well, I ran into a similar problem.
Here's what worked for me.
It looks like the pam_fprintd.so thingy relates to a fingerprint reader. So all I had to do was disable it in the pam config files.
On my box I changed two files :
/etc/pam.d/fingerprint-auth and /etc/pam.d/system-auth
in both files I changed
auth sufficient pam_fprintd.so
to
# auth sufficient pam_fprintd.so
then run authconfig --update to make sure the equivalent -ac files are updated.
That disposed of the problem for me.
Depending on your configuration, you might have more pam files referring to the fingerprint module.
to list them just run
grep fprintd /etc/pam.d/*
that will list all files that refer to that module.
HTH.
Pierre.
Another way to solve this is to actually install the file that pam looks for.
In Fedora 11 this helps:
# yum install fprintd-pam
@Anonymous
If you read the post above it says:
"I'm not sure why the package called fprintd-pam.i586 installs a file that links to "No such file or directory". But removing fprintd-pam.i586 and gdm-fingerprint did not help."
So "yum install fprintd-pam", as you suggest, had already been done, and it did not help at that time because it only installed a link to a file that did not exist.
Maybe they have fixed the package and its dependancies now, and so it works for you now. But back then at the time of this post, "yum install fprintd-pam" did not work.
It was (is?) broken basically because the pam-fprintd developer would rather point the finger at anaconda than fix his broken package. See https://bugzilla.redhat.com/show_bug.cgi?id=505266 for proof. I ran into the same problem, as have many others, on completely fresh default installs. That's broken and a responsible developer would chase it down *wherever* it lives.
Post a Comment