Resolution summary for Error using JASS with Solaris 9

From: Varakantam, Vikram (VVarakantam@FDIC.gov)
Date: Thu May 22 2003 - 04:12:38 EDT


Thanks everyone for the responses, the problem was permissions on the /usr
directory. It happened even on a second server built with the same
methodology using the same JASS hardening driver. I will have to investigate
the permissions modifications on /usr.

Vikram

>Initially everything worked great with only SSH access to the server.
>After 2 days I had a problem with SSH reporting PAM module failure
>
>May 21 02:16:11 xxxxxxxxxx sshd[545]: [ID 487707 auth.error] load_modules:
>can not open module /usr/lib/security/pam_unix_session.so.1
>May 21 02:16:11 xxxxxxxxxx sshd[545]: [ID 776383 auth.error] open_module:
>stat(/usr/lib/security/pam_unix_session.so.1) failed: Permission denied
>May 21 02:16:11 xxxxxxxxxx sshd[545]: [ID 487707 auth.error] load_modules:
>can not open module /usr/lib/security/pam_unix_session.so.1
>May 21 02:16:11 xxxxxxxxxx sshd[545]: [ID 800047 auth.crit] fatal: PAM
>session setup failed[1]: Dlopen failure

Points to a file permission problem.

>I reinstalled SSH packages and still the problem persisted, so I had to
>reopen telnet access to the server. After which the server ONLY permits ROOT
>login on CONSOLE and ROOT SSH access, when I try to SU to a user account it
>complains "NO SHELL". The default user shell is "sh" and the entry exists in
>/etc/shells. I am not sure what I am missing, any help would be greatly
>appreciated.

Check the permission on "/"; it is most likely no longer 755,
and check the other directories too:

        ls -ld / /usr /usr/lib /usr/lib/security

as well as the PAM module:

        ls -l /usr/lib/security/pam_unix_session.so.1

Casper
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
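
The check suggested in the thread, generalized to walk every component of a path such as /usr/lib/security/pam_unix_session.so.1 and flag the ones that would give a non-root process "Permission denied". This is an added example, not part of the original messages; the function names and output labels are made up for illustration, and it assumes plain mode bits (no ACLs) and tests only the "other" permission class.

```sh
#!/bin/sh
# Added example (not from the thread). Reports each component of an absolute
# path that "other" users cannot search (directory without o+x) or read
# (final file without o+r). Only `ls -ld` mode strings are inspected, so ACLs
# are ignored and symlinks are reported as-is, not followed.

# mode_of PATH: print the 10-character mode string, e.g. drwxr-xr-x
mode_of() {
    ls -ld "$1" 2>/dev/null | awk '{ print substr($1, 1, 10) }'
}

# check_path ABSOLUTE_PATH
# Prints one line per problem component; returns 1 if any was found.
check_path() {
    rest=${1#/}
    cur=/
    bad=0
    while :; do
        mode=$(mode_of "$cur")
        case $mode in
            "")            echo "CANNOT-STAT $cur"; bad=1; break ;;
            l*)            ;;   # symlink: its own mode bits are not meaningful
            d????????[xt]) ;;   # directory searchable by other
            d*)            echo "NOSEARCH $mode $cur"; bad=1 ;;
            ???????r??)    ;;   # file readable by other
            *)             echo "NOREAD $mode $cur"; bad=1 ;;
        esac
        # Pull the next non-empty component, tolerating "//" and a trailing "/".
        part=
        while [ -z "$part" ] && [ -n "$rest" ]; do
            part=${rest%%/*}
            case $rest in
                */*) rest=${rest#*/} ;;
                *)   rest= ;;
            esac
        done
        [ -n "$part" ] || break
        cur=${cur%/}/$part
    done
    return $bad
}

# Usage: sh script.sh /usr/lib/security/pam_unix_session.so.1
if [ $# -gt 0 ]; then
    check_path "$1"
fi
```

A NOSEARCH line on "/" or /usr matches the failure in this thread: the module itself can have correct permissions and still be unreachable for non-root users.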


