Subject: Re: pam dying in upgrade
To: None <current-users@NetBSD.org>
From: Peter Seebach <firstname.lastname@example.org>
Date: 09/02/2005 20:47:35
In message <200509030142.j831gFMB004060@vtn1.victoria.tc.ca>, John Nemeth write
>On Jan 23, 3:12pm, Peter Seebach wrote:
>} $ su
>} su: pam_start failed
>} Well, that's awfully nice. Such a detailed message! And it makes it so easy
>} to fix the problem, too!
> Is there anything logged? What are the permissions on su? What
>is in /etc/pam.d?
> BTW, since this is a security issue, messages to users shouldn't
>be overly detailed; the logs are where the details should be.
Yup. Turns out that I didn't run all the postinstall stuff, and pam.d was
empty. *sigh*. Better than it was last time.
I would prefer if the fallback for lack of PAM configuration were "just act
like a traditional UNIX box".
And remember, an NFS filesystem mounted without nosuid can save your life.