[rsbac] UM can't set passwords - strange symptoms
Sven Seeland
sven.seeland at gmx.de
Tue Jul 17 14:54:33 CEST 2007
Thanks, everything works now. I guess I got spooked. On my last isntall I was
having all sorts of weird problems concerning RSBAC UM, like not being able to
set passwords, not being able to log in, being able to log in regardless of the
password entered, etc. And I couldn't solve this by reverting back to standard
unix shadow suite user management. Which caused me to reinstall from scratch.
It's not a production machine and I'm still pretty new to this...
Anyways, thanks for the help!
Amon Ott schrieb:
> On Monday 16 July 2007 21:16, Sven Seeland wrote:
>> I'm having some problems with the RSBAC usermanagement module. I've
>> recently reinstalled my server and am now switching to the RSBAC UM
>> system. However, I can't set any passwords and therefore I can't
>> log in.
>>
>> When issuing
>> $ rsbac_usermod -p some_password secoff
>> I always get the following as a response:
>> Unable to lock password into physical memory!
>
> This is only a warning, because the password could be swapped to disk
> and retrieved from there. The password should still be set.
>
>> No errors in the logs though. /proc/rsbac/rmsg doesn't say
>> anything, and I don't get any other log messages either.
>> Any ideas what might be causing this?
>
> As Andrew wrote, user secoff does not have
> CAP_IPC_LOCK and therefore cannot lock memory.
>
>> I'm using RSBAC 1.3.4(-r1) in a 2.6.21 Kernel (Gentoo RSBAC
>> patchset out of Portage) glibc 2.5(-r4 out of portage as well).
>> Apparently libnss_rsbac.la doesn't link correctly against
>> librsbac.la - or so says revdep-rebuild. Recompiling rsbac-admin
>> doesn't fix this.
>
> The lib paths change between systems, Kang has already started looking
> after that.
>
> Amon.
More information about the rsbac
mailing list