Comment 3 for bug 9936

On Fri, Nov 05, 2004 at 12:44:01PM +0100, Joan Carles Soler wrote:
> if i include pam_access module i get unresolved simbols and i coudn't
> loguin. This is a severity problem for as because whe have ours users
> in a ldap directori and only the users of a specified group whoud
> acces the server.
>
> ---
> auth.log----------------------------------------------------------
> --------------------
> Nov 5 09:27:40 emsrv sshd[2678]: PAM unable to resolve symbol:
> pam_sm_authenticate
> Nov 5 09:27:40 emsrv sshd[2678]: PAM unable to resolve symbol:
> pam_sm_setcred
> Nov 5 09:27:45 emsrv sshd[2678]: error: PAM: Module is unknown for
> jsoler from emsrv
>
> --- /etc/pam.d/ssh
> ---------------------------------------------------
> --------------------
> # PAM configuration for the Secure Shell service
>
> # Disallow non-root logins when /etc/nologin exists.
> auth required pam_nologin.so
>
> # Read environment variables from /etc/environment and
> # /etc/security/pam_env.conf.
> auth required pam_env.so # [1]
>
> # Standard Un*x authentication.
> auth required pam_access.so
> @include common-auth

You can't use pam_access for auth; it only provides the account
management group. Install libpam-doc and see:

  /usr/share/doc/libpam-doc/html/pam-6.html#ss6.1

Since the module can't handle auth, it fails; since you've designated it
as required, the whole authentication fails.

--
Colin Watson [<email address hidden>]