Ubuntu
shadow package

login: remove pam_lastlog.so from config

Bug #2060676 reported by Alfonso Sanchez-Beato
52
This bug affects 9 people
Affects Status Importance Assigned to Milestone
shadow (Debian)
Fix Released
Unknown
shadow (Ubuntu)
Confirmed
Undecided
Unassigned
Ubuntu noble-updates

Bug Description

Imported from Debian bug http://bugs.debian.org/1068229:

Package: libpam-modules
Version: 1.5.3-6
Severity: normal

I noticed the following line in my logs:

login[2449]: PAM unable to dlopen(pam_lastlog.so): /usr/lib/security/pam_lastlog.so: cannot open shared object file: No such file or directory

I looked in the deb files from snapshot.debian.org, and noticed the last version
that had it was 1.5.2-9.1 - starting from 1.5.3-1 it disappeared.

Maybe it's fallout from the time_t transition and you're already aware of it, in
which case feel free to close.

Thanks,

-- M

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, arm64

Kernel: Linux 6.7.9-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libpam-modules depends on:
ii debconf [debconf-2.0] 1.5.86
ii libaudit1 1:3.1.2-2.1
ii libc6 2.37-15.1
ii libcrypt1 1:4.4.36-4
ii libpam-modules-bin 1.5.3-6
ii libpam0g 1.5.3-6
ii libselinux1 3.5-2
ii libsystemd0 255.4-1+b1

libpam-modules recommends no packages.

libpam-modules suggests no packages.

-- debconf information excluded

Revision history for this message
Alfonso Sanchez-Beato (alfonsosanchezbeato) wrote :

/etc/pam.d/login references the module:

session optional pam_lastlog.so

Changed in shadow (Ubuntu):
milestone: none → noble-updates
Bug Watch Updater (bug-watch-updater)
Changed in shadow (Debian):
importance: Undecided → Unknown
Revision history for this message
Ramonskie (ramonskie) wrote :

i acknowledge that pam_lastlog.so is indeed removed from this package

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in shadow (Ubuntu):
status: New → Confirmed
Bug Watch Updater (bug-watch-updater)
Changed in shadow (Debian):
status: New → Fix Released
Revision history for this message
Andrei B (bogatav) wrote :

Hello!

Can't run my system properly whith this one, all the time can't pass the login screen. While you fixing it is there any workaround?

Revision history for this message
Ramonskie (ramonskie) wrote :

pam_lastlog is deprecated but should be replaced with pam_lastlog2
which is now packaged with util-linux

but the util-linux shipped with noble is 2.39.3-9ubuntu6
and it seems that its only packaged with util-linux => 2.40

Revision history for this message
Seth Arnold (seth-arnold) wrote :

Andrei, try to log in via multiple methods. Every service (ssh, login, gdm, xdm, etc) has its own PAM configuration and some of them may reference this module and some may not.

Once you've logged in, edit the files in /etc/pam.d/ that reference this module. Remove or comment them out. Save, then test. Don't quit any root shells in the process of testing, because changing PAM configuration can lock you out of your system -- as you've discovered.

Thanks

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.