From: Michael Shigorin <mike@altlinux.org>
To: sisyphus@lists.altlinux.org
Subject: [sisyphus] "tcb_chkpwd: user unknown" (was: kscreenlock & kcheckpass)
Date: Fri, 3 Feb 2017 14:40:45 +0300
Message-ID: <20170203114045.GA14308@imap.altlinux.org> (raw)
In-Reply-To: <20111129210530.GA28139@altlinux.org>
On Wed, Nov 30, 2011 at 01:05:32AM +0400, Dmitry V. Levin wrote:
> > В общем нашел такой вот древний тред
> > http://lists.altlinux.org/pipermail/sisyphus/2008-January/327305.html
> >
> > При control tcb_chkpwd tcb
> > имеем:
> > Nov 29 21:19:01 genesis tcb_chkpwd[16998]: user unknown
> > Nov 29 21:19:11 genesis tcb_chkpwd[17002]: user unknown
> >
> > при: control tcb_chkpwd traditional
> >
> > Nov 29 21:20:32 genesis vlock[17074]: Locked tty on pts/7 for diver by (uid=500)
> > Nov 29 21:20:35 genesis vlock[17074]: Unlocked tty on pts/7 for diver
> > by (uid=500)
>
> Если "control tcb_chkpwd traditional" решает проблему, в то время как
> "control tcb_chkpwd tcb" воспроизводит ее, то, скорее всего, у вас
> local misconfiguration: испортились права доступа на содержимое /etc/tcb.
> О том, как устроены эти права, написано в tcb(5).
Только что диагностировали как раз такую ситуацию после промаха,
вот скоропальная чинилка прав в /etc/tcb/ для архива:
cd /etc/tcb && for u in *; do chown "$u:auth" $u/ $u/shadow && chown root:root "$u"/shadow- "$u"/shadow.lock ||:; done && cd -
(одной строкой)
Также стоит проверить права на сам /etc/tcb/ (0710 root:shadow).
Хотя лучше, конечно, так не промахиваться...
--
---- WBR, Michael Shigorin / http://altlinux.org
------ http://opennet.ru / http://anna-news.info
prev parent reply other threads:[~2017-02-03 11:40 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-11-29 10:38 [sisyphus] kscreenlock & kcheckpass diver
2011-11-29 12:32 ` Sergey V Turchin
2011-11-29 13:48 ` diver
2011-11-29 14:12 ` Sergey V Turchin
2011-11-29 14:29 ` diver
2011-11-29 14:47 ` Sergey V Turchin
2011-11-29 14:58 ` diver
2011-11-29 15:04 ` Sergey V Turchin
2011-11-29 15:01 ` Sergey V Turchin
2011-11-29 15:05 ` diver
2011-11-29 15:16 ` diver
2011-11-30 11:57 ` Sergey V Turchin
2011-11-30 12:00 ` Sergey V Turchin
2011-11-29 14:48 ` Dubrovskiy Viacheslav
2011-11-29 14:55 ` diver
2011-11-29 18:01 ` Anton Farygin
2011-11-29 18:29 ` diver
2011-11-29 19:26 ` diver
2011-11-29 20:23 ` diver
2011-11-29 21:11 ` Dmitry V. Levin
2011-11-29 22:20 ` diver
2011-11-29 23:02 ` Dmitry V. Levin
2011-11-29 23:04 ` Dmitry V. Levin
2011-11-30 6:55 ` diver
2011-11-30 12:28 ` Dmitry V. Levin
2011-11-30 13:07 ` diver
2011-11-30 13:12 ` diver
2011-11-30 13:44 ` Dmitry V. Levin
2011-11-30 14:01 ` diver
2011-11-30 14:02 ` diver
2011-11-30 14:09 ` diver
2011-11-30 14:30 ` Dmitry V. Levin
2011-11-30 14:34 ` diver
2011-11-30 14:39 ` Dmitry V. Levin
2011-11-30 14:41 ` diver
2011-11-30 14:43 ` diver
2011-11-30 14:57 ` Dmitry V. Levin
2011-11-30 15:02 ` diver
2011-11-30 15:18 ` [sisyphus] rpm-4.0.4-alt100.32 regression Dmitry V. Levin
2011-12-01 2:22 ` Dmitry V. Levin
2011-12-01 13:18 ` [sisyphus] [JT] " Michael Shigorin
2011-11-30 14:11 ` [sisyphus] kscreenlock & kcheckpass Dmitry V. Levin
2011-11-30 14:22 ` diver
2011-11-30 14:27 ` Dmitry V. Levin
2011-11-30 16:54 ` Dubrovskiy Viacheslav
2011-11-29 21:05 ` Dmitry V. Levin
2017-02-03 11:40 ` Michael Shigorin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170203114045.GA14308@imap.altlinux.org \
--to=mike@altlinux.org \
--cc=sisyphus@lists.altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux Sisyphus discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sisyphus/0 sisyphus/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sisyphus sisyphus/ http://lore.altlinux.org/sisyphus \
sisyphus@altlinux.ru sisyphus@altlinux.org sisyphus@lists.altlinux.org sisyphus@lists.altlinux.ru sisyphus@lists.altlinux.com sisyphus@linuxteam.iplabs.ru sisyphus@list.linux-os.ru
public-inbox-index sisyphus
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sisyphus
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git