|
我的kde4.1.2是在runlevel 3下使用startx启动的
但是KDE lock后 unlock会失败
最初怀疑是pam.d缺乏配置文件xdm kdm
我cp /etc/pam.d/login生成了 xdm kdm
root [ ~ ]# cat /etc/pam.d/kdm
# Begin /etc/pam.d/login
auth requisite pam_nologin.so
auth required pam_securetty.so
auth required pam_unix.so
account required pam_access.so
account required pam_unix.so
session required pam_env.so
session required pam_motd.so
session required pam_limits.so
session optional pam_mail.so dir=/var/mail standard
session optional pam_lastlog.so
session required pam_unix.so
password required pam_cracklib.so retry=3
password required pam_unix.so md5 shadow use_authtok
后来发现没有/etc/securetty 我也创建了
root [ ~ ]# cat /etc/securetty
# /etc/securetty: list of terminals on which root is allowed to login.
# See securetty(5) and login (1)
# for people with serial port consoles
ttyS0
# for devfs
tts/0
# Standard consoles
tty1
tty2
tty3
tty4
tty5
tty6
tty7
但是现在依然会失败
var/log/auth.log显示如下
Nov 3 08:54:45 lfs kcheckpass[1750]: pam_warn(kde:auth): function=[pam_sm_authenticate] service=[kde] terminal=[:0] user=[root] ruser=[<unknown>] rhost=[<unknown>]
Nov 3 08:54:45 lfs kcheckpass[1750]: Authentication failure for root (invoked by uid 0)
Nov 3 08:54:52 lfs kcheckpass[1751]: pam_warn(kde:auth): function=[pam_sm_authenticate] service=[kde] terminal=[:0] user=[root] ruser=[<unknown>] rhost=[<unknown>]
Nov 3 08:54:52 lfs kcheckpass[1751]: Authentication failure for root (invoked by uid 0)
google结果显示 建议
create a shadow group which will be used for user's needing read-access to /etc/shadow.
但是BLFS手册并没有提到shadow group的创建
我也不知道改用哪一个GID创建
我很怀疑即便创建也未必能解决这个问题
因为我把/etc/shadow设置为所有人都可读 还是会在unlock时认证失败
BLFS About System Users and Groups 提到的GID UID 如下
Table 3.1. UID/GID Suggested Values
Name
uid
gid
bin 1
lp 9
messagebus 18 18
haldaemon 19 19
named 20 20
gdm 21 21
fcron 22 22
apache 25 25
smmsp 26 26
exim 31 31
postfix 32 32
postdrop 33
sendmail 34
mail 34
vmailman 35 35
news 36 36
mysql 40 40
postgres 41 41
ftp 45 45
proftpd 46 46
vsftpd 47 47
rsyncd 48 48
sshd 50 50
stunnel 51 51
svn 56 56
svntest 57
games 60 60
anonymous 98
nobody 99
nogroup 99 |
|