[rsbac] UM can't set passwords - strange symptoms

Amon Ott ao at rsbac.org
Tue Jul 17 09:43:08 CEST 2007

On Monday 16 July 2007 21:16, Sven Seeland wrote:
> I'm having some problems with the RSBAC usermanagement module. I've
> recently reinstalled my server and am now switching to the RSBAC UM
> system. However, I can't set any passwords and therefore I can't
> log in.
> When issuing
> 	$ rsbac_usermod -p some_password secoff
> I always get the following as a response:
> 	Unable to lock password into physical memory!

This is only a warning, because the password could be swapped to disk 
and retrieved from there. The password should still be set.

> No errors in the logs though. /proc/rsbac/rmsg doesn't say
> anything, and I don't get any other log messages either.
> Any ideas what might be causing this?

As Andrew wrote, user secoff does not have 
CAP_IPC_LOCK and therefore cannot lock memory.

> I'm using RSBAC 1.3.4(-r1) in a 2.6.21 Kernel (Gentoo RSBAC
> patchset out of Portage) glibc 2.5(-r4 out of portage as well).
> Apparently libnss_rsbac.la doesn't link correctly against
> librsbac.la - or so says revdep-rebuild. Recompiling rsbac-admin
> doesn't fix this.

The lib paths change between systems, Kang has already started looking 
after that.

http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22

More information about the rsbac mailing list