Re: [nottingham] Redhat PAM issue suggestion

From: mike (mike@redtux.demon.co.uk)
Date: Sat 06 Apr 2002 - 03:25:01 BST


On Fri, 2002-04-05 at 13:21, Jon Masters wrote:
> Hi,
>
> The problem is with the PAM authentication system but is likely to be with
> your configuration of shadow passwords - please send me the following:
>
> 1). A full (ls -l) directory listing showing:
>
> * /etc/passwd
> * /etc/group
> * /etc/shadow
> 2). A full listing of the above files using "lsattr" (this is likely to
> be completely useless - I just want to make sure I have every
> conceivable thing which could affect things).
> 3). A perhaps snipped copy of /etc/passwd (contains "no" private data).
> 4). A doctored copy of /etc/shadow (though it would help to leave some
> silly user account in there like "foo" with password "bar" added
> using adduser and checked that it has the same problems).
> 5). "tar cvfz jcm-pamd /etc/pam.d" - and I will then duplicate your
> environment if I cannot spot an obvious problem, in which case I
> can't do that until the weekend but will try to get around to it!
>
> HTH,

couple of points

Jon may be right as regards the problem being with PAM

BUT - as the problem is with /bin/login you MAY have been hacked (esp
with root issue)

my understanding is -Fvh updates to current version if rpm is already
installed (ie: good for updates maybe not so good for replacing hacked
binary) - I would try -Uvh --force util-linux

there is a pm howto on LPP

few points to think on and look at



This archive was generated by hypermail 2.1.3 : Sat 06 Apr 2002 - 03:24:40 BST
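The diagnostics requested in the thread, and the concern about a replaced /bin/login, can be gathered as below. This is an added example, not part of the original messages and not code from either poster. It assumes GNU `stat`; the function names, the redaction labels and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: collect the requested diagnostics without posting password hashes.

# Constructed sample (not real accounts or hashes) for trying redact_shadow offline.
SAMPLE_SHADOW='foo:abJnggxhB/yWI:11784:0:99999:7:::
bin:*:11784:0:99999:7:::'

# Replace field 2 of shadow-format lines on stdin with a label that keeps only
# what matters for debugging PAM: empty, locked, or which hash scheme is in use.
redact_shadow() {
    awk -F: 'BEGIN { OFS = ":" }
    NF >= 2 {
        p = $2
        if (p == "")                   $2 = "<EMPTY>"
        else if (p ~ /^[!*]/)          $2 = "<LOCKED>"
        else if (p ~ /^\$1\$/)         $2 = "<MD5-CRYPT>"
        else if (p ~ /^\$[^$]+\$/)     $2 = "<OTHER-CRYPT>"
        else if (length(p) == 13)      $2 = "<DES-CRYPT>"
        else                           $2 = "<UNRECOGNISED>"
        print
    }'
}

# Exit 0 when "other" has read permission on FILE (checks mode bits only).
other_can_read() {
    mode=$(stat -c '%a' "$1") || return 2
    [ $(( (mode % 10) & 4 )) -ne 0 ]
}

# Hypothetical wrapper: run as root on the affected host; report goes to stdout.
collect_diagnostics() {
    for f in /etc/passwd /etc/group /etc/shadow; do
        ls -l "$f"
        command -v lsattr >/dev/null 2>&1 && lsattr "$f"
    done
    other_can_read /etc/passwd || echo "WARN: /etc/passwd is not world-readable"
    other_can_read /etc/group  || echo "WARN: /etc/group is not world-readable"
    other_can_read /etc/shadow && echo "WARN: /etc/shadow is world-readable"
    redact_shadow < /etc/shadow
    # Verify the package owning /bin/login against the RPM database. A clean
    # result is only as trustworthy as the rpm binary and database on this host.
    command -v rpm >/dev/null 2>&1 && rpm -Vf /bin/login
    return 0
}
```

Nothing runs until `collect_diagnostics` is called; `printf '%s\n' "$SAMPLE_SHADOW" | redact_shadow` shows the redaction on the constructed lines.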