Comment 34 for bug 270781
Revision history for this message
|
|
#34 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
Hi Jakub, very good info, thanks a lot for the feedback.
You are right, one of the apps (I need to find out which one) corrupts the /dev/null device. After recreating it as it should be, screen locking works again. :-)
# ls -l /dev/null
-rw-r--r-- 1 root root 0 2009-03-13 00:20 /dev/null
#
# rm -f /dev/null; mknod -m 666 /dev/null c 1 3
#
# ls -l /dev/null
crw-rw-rw- 1 root root 1, 3 2009-03-13 00:21 /dev/null
#
And of course, since I still have pam-debug installed, this action is captured in /var/log/secure with the following info:
Mar 13 00:22:43 thoth unix_chkpwd[22656]: Started.
Mar 13 00:22:43 thoth unix_chkpwd[22656]: Signals set up.
Mar 13 00:22:43 thoth unix_chkpwd[22656]: Not at tty.
Mar 13 00:22:43 thoth unix_chkpwd[22656]: User from getuidname(): snap
Mar 13 00:22:43 thoth unix_chkpwd[22656]: Passwords read: 1
Mar 13 00:22:43 thoth unix_chkpwd[22656]: Hash obtained: 0
Mar 13 00:22:43 thoth unix_chkpwd[22656]: Hash verified: 7
Mar 13 00:22:43 thoth unix_chkpwd[22656]: Password verification result: 7
Mar 13 00:22:51 thoth unix_chkpwd[22662]: Started.
Mar 13 00:22:51 thoth unix_chkpwd[22662]: Signals set up.
Mar 13 00:22:51 thoth unix_chkpwd[22662]: Not at tty.
Mar 13 00:22:51 thoth unix_chkpwd[22662]: User from getuidname(): snap
Mar 13 00:22:51 thoth unix_chkpwd[22662]: Passwords read: 1
Mar 13 00:22:51 thoth unix_chkpwd[22662]: Hash obtained: 0
Mar 13 00:22:51 thoth unix_chkpwd[22662]: Hash verified: 0
Mar 13 00:22:51 thoth unix_chkpwd[22662]: Password verification result: 0
Mar 13 00:22:51 thoth unix_chkpwd[22663]: Started.
Mar 13 00:22:51 thoth unix_chkpwd[22663]: Signals set up.
Mar 13 00:22:51 thoth unix_chkpwd[22663]: Not at tty.
Mar 13 00:22:51 thoth unix_chkpwd[22663]: User from getuidname(): snap
In conclusion, I think I should run a small 'monitor' (maybe a simple C prog) to collect the list of processes from time to time, catch de change of /dev/null character device and compare the result to discover the culprit.
From your point of view, should I still leave pam-debug package in my system or not? I'm still willing to help in this case as long I don't brake the system: it's my main production laptop. ;-)
Thanks again. W4F.