Noble: default pam config for login tries do load non-existent pam_lastlog.so
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
shadow (Debian) |
New
|
Unknown
|
|||
shadow (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned | ||
Noble |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
pam_lastlog.so was dropped by upstream in 1.5.3[1][4]. It's still there in the code, but not built by default.
And indeed, in noble (1.5.3) we don't have it, while mantic (1.5.2) does.
This does not prevent console logins, but generates an error in the logs:
Apr 23 20:02:09 n1 login[835]: PAM unable to dlopen(
Apr 23 20:02:09 n1 login[835]: PAM adding faulty module: pam_lastlog.so
Debian's shadow package is also still shipping this config[2].
If you think we should re-enable pam_lastlog, then this becomes a bug in the src:pam package, but keep in mind upstream is keen on removing it, and we might be better off switching to an alternative, perhaps pam_lastlog2[3].
1. https:/
2. https:/
3. https:/
4. https:/
summary: |
- Default pam config for login tries do load non-existent pam module - pam_lastlog.so + Noble: default pam config for login tries do load non-existent pam + module pam_lastlog.so |
summary: |
- Noble: default pam config for login tries do load non-existent pam - module pam_lastlog.so + Noble: default pam config for login tries do load non-existent + pam_lastlog.so |
description: | updated |
description: | updated |
Changed in shadow (Debian): | |
status: | Unknown → New |
Status changed to 'Confirmed' because the bug affects multiple users.