[Pkg-shadow-devel] Bug#350040: exec login <user> no longer works, while -f <user> option from root is okay

Jeffrey Sheinberg jeff at bsrd.net
Thu Jan 26 20:53:35 UTC 2006 

Package: login
Version: 1:4.0.13-7
Severity: normal

Hi,

I recently upgraded from sarge to etch.  Under sarge, I would
regularly run this command,

    exec login jsroot

from either the base level shell of an xterm or VC - both ttys
having been specified in /etc/securetty.  

This worked fine under sarge, but now no longer works under etch.

Note that the user jsroot is an alternate root login, which I
regularly use to do sysadmin work.

In the VC case, I get this error message printed on the VC, and
then I am of course logged off,

    No utmp entry.  You must exec "login" from the lowest level "sh"

In the xterm case, the login to root is refused with this error
message printed to the xterm,

    Login incorrect

then these error messages are printed in the syslog,

    Jan 24 12:53:59 l1 login[7422]: (pam_unix) authentication failure; logname= uid=1001 euid=1001 tty=pts/3 ruser= rhost=  user=jsroot
    Jan 24 12:54:02 l1 login[7422]: FAILED LOGIN (1) on `pts/3' from `:0.0' FOR `jsroot', Authentication failure
    
and them I am presented on the xterm with a login prompt.  When I
try to login at this prompt, it is always rejected with this error
message printed in the syslog,

    Jan 24 12:54:51 l1 login[7422]: Authentication service cannot retrieve authentication info.

but nothing else is printed to the xterm.  Eventually, the login
process on the xterm times out, and the xterm is terminated when
login gives up.

In both cases, it appears that the user running the exec login
command has been correctly entered into the utmp file.

In the xterm case, I have discovered a work around for this
problem, I simply su to user jsroot, start an xterm in the
background, and then from that xterm, I can run this command,

    exec login -f jsroot

which gives me the working environment that I wanted in the first
place, but without having to authenticate with jsroot's password.

Thanks,
-- 
Jeffrey Sheinberg


-- System Information:
Debian Release: testing/etch
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'stable')
Architecture: i386 (i586)
Shell:  /bin/sh linked to /bin/dash
Kernel: Linux 2.4.27-7
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages login depends on:
ii  libc6                         2.3.5-8    GNU C Library: Shared libraries an
ii  libpam-modules                0.79-3     Pluggable Authentication Modules f
ii  libpam-runtime                0.79-3     Runtime support for the PAM librar
ii  libpam0g                      0.79-3     Pluggable Authentication Modules l

login recommends no packages.

-- no debconf information

More information about the Pkg-shadow-devel mailing list