Skip to content
This repository has been archived by the owner on Sep 23, 2021. It is now read-only.

res=failed in journal #91

Open
x70b1 opened this issue Jan 24, 2020 · 2 comments
Open

res=failed in journal #91

x70b1 opened this issue Jan 24, 2020 · 2 comments

Comments

@x70b1
Copy link

x70b1 commented Jan 24, 2020
edited
Loading

I have the following line in my journal:

Jan 24 15:33:22 foo kernel: audit: type=1100 audit(1579876402.043:98): pid=40521 uid=1000 auid=1000 ses=1 msg='op=PAM:authentication grantors=pam_unix acct="x70b1" exe="/usr/bin/physlock" hostname=foo addr=? terminal=tty2 res=success'
Jan 24 15:33:22 foo kernel: audit: type=1110 audit(1579876402.043:99): pid=40521 uid=1000 auid=1000 ses=1 msg='op=PAM:setcred grantors=pam_unix acct="x70b1" exe="/usr/bin/physlock" hostname=foo addr=? terminal=tty2 res=success'
Jan 24 15:33:22 foo kernel: audit: type=1109 audit(1579876402.043:100): pid=40521 uid=1000 auid=1000 ses=1 msg='op=PAM:bad_ident grantors=? acct="?" exe="/usr/bin/physlock" hostname=foo addr=? terminal=tty2 res=failed'

My PAM config /etc/pam.d/physlock:

#%PAM-1.0
auth		required	pam_unix.so
account		required	pam_unix.so
password	required	pam_unix.so
session		required	pam_unix.so

I am just asking myself what the third line is about. It seems like an error. But I couldn't find a solution.

i3lock only prints one line, while physlock writes 3 lines log.

Is there anything known about this?
Regardless of this, everything works.
@xyb3rt
Copy link
Owner

xyb3rt commented Mar 14, 2020

I do not know what's causing the bad_ident message. If you're running the current HEAD then the second log message seems to be right, because physlock now calls pam_setcred.
Can you please post i3lock's PAM config?

@x70b1
Copy link
Author

x70b1 commented Mar 16, 2020

It's the default config:

#
# PAM configuration file for the i3lock screen locker. By default, it includes
# the 'system-auth' configuration file (see /etc/pam.d/login)
#

auth include system-auth

My system-auth:

#%PAM-1.0

auth      required  pam_unix.so     try_first_pass nullok
auth      optional  pam_permit.so
auth      required  pam_env.so

account   required  pam_unix.so
account   optional  pam_permit.so
account   required  pam_time.so

password  required  pam_unix.so     try_first_pass nullok sha512 shadow
password  optional  pam_permit.so

session   required  pam_limits.so
session   required  pam_unix.so
session   optional  pam_permit.so

I changed my config to:

#%PAM-1.0
auth		required	pam_unix.so	try_first_pass nullok
account		required	pam_unix.so
password	required	pam_unix.so	try_first_pass nullok sha512 shadow
session		required	pam_unix.so

But the error log is still the same.
If I put auth include system-auth in my config the error is in the log too.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@xyb3rt @x70b1