[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

pam_console in xserver leads to: "user dumas not a console user"



Hi,

I have redhat 7.2, pam-0.75-19, XFree86-4.1.0-15. 
With the following /etc/pam.d/xserver:

.......................................................
#%PAM-1.0
auth       sufficient   /lib/security/pam_rootok.so
auth       required     /lib/security/pam_console.so debug
account    required     /lib/security/pam_permit.so
........................................................
I get:

.......................................................
Fatal server error:
PAM authentication failed, cannot start X server.
        Perhaps you do not have console ownership?


When reporting a problem related to a server crash, please send
the full server output, not just the last messages.
Please report problems to xfree86@xfree86.org.
.......................................................


And in syslog:
May 13 18:43:56 hermes pam_console[14631]: user dumas not a console user

When I substitute 
auth       required     /lib/security/pam_console.so debug
with
auth       required     /lib/security/pam_permit.so
it works fine.

When I login at the tty with /lib/security/pam_console.so debug, I get in
syslog:

.....................................................................
May 13 12:49:22 hermes pam_console[13733]: check console tty2
May 13 12:49:22 hermes pam_console[13733]: checking possible console "tty2"
May 13 12:49:22 hermes pam_console[13733]: checking possible console
"/dev/tty2"
May 13 12:49:22 hermes pam_console[13733]: console tty2 is a character device
May 13 12:49:27 hermes pam_console[14071]: user is "dumas"
May 13 12:49:27 hermes pam_console[14071]: parsing config file
/etc/security/console.perms
May 13 12:49:27 hermes pam_console[14071]: check console tty2
May 13 12:49:27 hermes pam_console[14071]: checking possible console "tty2"
May 13 12:49:27 hermes pam_console[14071]: checking possible console
"/dev/tty2"
May 13 12:49:27 hermes pam_console[14071]: console tty2 is owned by UID 0
May 13 12:49:27 hermes pam_console[14071]: console tty2 is a character device
May 13 12:49:27 hermes pam_console[14071]: dumas is console user
.....................................................................

I also cut and paste my /etc/consoles.perms

.....................................................................
# file classes -- these are regular expressions
<console>=tty[0-9][0-9]* vc/[0-9][0-9]* :[0-9]\.[0-9] :[0-9]
<xconsole>=:[0-9]\.[0-9] :[0-9]

# device classes -- these are shell-style globs
<floppy>=/dev/fd[0-1]* \
         /dev/floppy/* /mnt/floppy*
<sound>=/dev/dsp* /dev/audio* /dev/midi* \
        /dev/mixer* /dev/sequencer \
        /dev/sound/* /dev/beep
<cdrom>=/dev/cdrom* /dev/cdroms/* /dev/cdwriter* /mnt/cdrom*
<pilot>=/dev/pilot
<jaz>=/mnt/jaz*
<zip>=/mnt/pocketzip* /mnt/zip*
<ls120>=/dev/ls120 /mnt/ls120*
<scanner>=/dev/scanner /dev/usb/scanner*
<rio500>=/dev/usb/rio500
<camera>=/mnt/camera* /dev/usb/dc2xx* /dev/usb/mdc800*
<memstick>=/mnt/memstick*
<flash>=/mnt/flash*
<diskonkey>=/mnt/diskonkey*
<rem_ide>=/mnt/microdrive*
<fb>=/dev/fb /dev/fb[0-9]* \
     /dev/fb/*
<kbd>=/dev/kbd
<joystick>=/dev/js[0-9]*
<v4l>=/dev/video* /dev/radio* /dev/winradio* /dev/vtx* /dev/vbi* \
      /dev/video/*
<gpm>=/dev/gpmctl
<dri>=/dev/nvidia* /dev/3dfx*
<mainboard>=/dev/apm_bios

# permission definitions
<console>  0660 <floppy>     0660 root.floppy
<console>  0600 <sound>      0600 root
<console>  0600 <cdrom>      0660 root.disk
<console>  0600 <pilot>      0660 root.uucp
<console>  0600 <jaz>        0660 root.disk
<console>  0600 <zip>        0660 root.disk
<console>  0600 <ls120>      0660 root.disk
<console>  0600 <scanner>    0600 root
<console>  0600 <camera>     0600 root
<console>  0600 <memstick>   0600 root
<console>  0600 <flash>      0600 root
<console>  0600 <diskonkey>  0660 root.disk
<console>  0600 <rem_ide>    0660 root.disk
<console>  0600 <fb>         0600 root
<console>  0600 <kbd>        0600 root
<console>  0600 <joystick>   0600 root
<console>  0600 <v4l>        0600 root
<console>  0700 <gpm>        0700 root
<console>  0600 <mainboard>  0600 root
<console>  0600 <rio500>     0600 root

<xconsole> 0600 /dev/console 0600 root.root
<xconsole> 0600 <dri>        0600 root
...................................................................

Is it a bug, or is it normal ?

Pat





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []