authdaemond: dlerror: /lib/security/pam_foreground.so: undefined symbol: pam_set_data
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libpam-foreground (Ubuntu) |
Fix Released
|
Low
|
Kees Cook | ||
Bug Description
Binary package hint: libpam-foreground
I've recently installed OSSEC HIDS, which is a system notification daemon that automatically emails a preconfigured email address when significant system events occur. Now, I had this system up and running for just about an hour when I received my first email saying the following:
OSSEC HIDS Notification.
2006 Dec 18 17:31:38
Received From: ucmd->/
Rule: 1002 fired (level 7) -> "Unknown problem somewhere in the system."
Portion of the log(s):
authdaemond: PAM [dlerror: /lib/security/
--END OF NOTIFICATION
This was a shock, and I tried my darndess to figure out what it could be that's causing this problem, but to know avail. I've done crazy things like this:
chrisd@
000018dc A __bss_start
U close
000018dc A _edata
000018dc A _end
U __errno_location
U free
U ioctl
U malloc
U mkdir
U open
U pam_get_data
U pam_get_user
U pam_set_data
0000057b T pam_sm_acct_mgmt
0000056d T pam_sm_authenticate
00000582 T pam_sm_chauthtok
00000589 T pam_sm_
000005ce T pam_sm_open_session
00000574 T pam_sm_setcred
U sprintf
U unlink
U __xstat
But I'm not even sure what the letters mean on the left or what I'm looking for. I think that they are functions, but that's all I really know for now. I've downloaded and installed a prior version of libpam-
I'm completely and utterly stumped. Any advice/
Thank you all very much,
JunkNode
libpam- foreground. so is not compiled with the right options (it needs glibc.so and libpam.so but it's not linked against them).
It works most of the time because glibc.so and libpam.so are loaded at run time by something else, but not in your case or not in the right order.
I'm guessing you're using courier, I don't so I'm not sure but as a workaround:
you can grep for pam_foreground.so in /etc/pam.d/ and comment it.
If there's only one in /etc/pam. d/common- session don't remove it! In this case you need to replace the line
@include common-session
in /etc/pam.d/imap and maybe others with
session required pam_unix.so
Anyway in my understanding for no interactive session pam_foreground does nothing.
> But I'm not even sure what the letters mean on the left or what I'm
> looking for. I think that they are functions, but that's all I really
U undefined in this file, ie need another library.
T defined.