Error Opening /var/log/faillog For Update
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company Business Learn more about hiring developers or posting ads with us Unix & Linux Questions Tags Users Badges Unanswered Ask Question _ Unix & Linux Stack Exchange is a question and answer site for users of Linux, FreeBSD and other Un*x-like operating systems. Join them; it only takes a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top kcheckpass error opening /var/log/faillog up vote 0 down vote favorite I am seeing the following errors: $ journalctl -b -p3 -- Logs begin at Mon 2016-05-16 21:40:56 EDT, end at Wed 2016-07-27 22:30:13 EDT. -- Jul 27 22:22:26 x99 kcheckpass[5682]: pam_tally(kde:auth): Error opening /var/log/faillog for update Jul 27 22:22:26 x99 kcheckpass[5682]: pam_tally(kde:auth): Error opening /var/log/faillog for read Jul 27 22:22:26 x99 kcheckpass[5682]: pam_tally(kde:auth): Error opening /var/log/faillog for update Jul 27 22:22:26 x99 kcheckpass[5682]: pam_tally(kde:auth): Error opening /var/log/faillog for read Jul 27 22:22:26 x99 kcheckpass[5682]: pam_tally(kde:setcred): Error opening /var/log/faillog for update Jul 27 22:22:26 x99 kcheckpass[5682]: pam_tally(kde:setcred): Error opening /var/log/faillog for update The man page for kcheckpass says: kcheckpass - KDE's authentication program Any program, such as a screensaver with a lock option, that needs to authenticate a user, can use kcheckpass. kcheckpass is a simple setuid program that returns 0 if the user has been authenticated, and 1 if not. Other programs that need user authentication can use kcheckpass witout having setuid status, thus simplifying programs and enhancing system security. SECURITY kcheckpass must be setuid on systems that use shadow passwords. I understand that the setuid permission bit tells Linux to run a program with the effective user id of the owner instead of the executor. However, I do not understand how to implement the solution in this case. What exactly do I need
Printing -XML -Clone This Bug -Last Comment First Last Prev Next This bug is not in your last search results. Bug166682 - pam_tally can not write to /var/log/faillog Summary: pam_tally can not write to /var/log/faillog Status: CLOSED DUPLICATE of bug 133854 Aliases: None Product: Red Hat Enterprise Linux 4 Classification: Red Hat Component: pam (Show other bugs) Sub Component: --- Version: 4.0 Hardware: i386 Linux Priority medium Severity medium TargetMilestone: --- TargetRelease: --- Assigned To: Tomas Mraz QA Contact: David http://unix.stackexchange.com/questions/302381/kcheckpass-error-opening-var-log-faillog/302960 Lawrence Docs Contact: URL: Whiteboard: Keywords: Depends On: Blocks: Show dependency tree /graph Reported: 2005-08-24 12:07 EDT by Stephen John Smoogen Modified: 2007-11-30 17:07 EST (History) CC List: 0 users See Also: Fixed In Version: Doc Type: Bug Fix Doc Text: Story Points: --- Clone Of: Environment: Last Closed: 2005-08-24 15:25:43 EDT Type: --- Regression: --- Mount Type: --- https://bugzilla.redhat.com/show_bug.cgi?id=166682 Documentation: --- CRM: Verified Versions: Category: --- oVirt Team: --- RHEL 7.3 requirements from Atomic Host: Cloudforms Team: --- Attachments (Terms of Use) Add an attachment (proposed patch, testcase, etc.) Groups: None (edit) Description Stephen John Smoogen 2005-08-24 12:07:39 EDT From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20050719 Red Hat/1.0.6-1.4.1 Firefox/1.0.6 Description of problem: using pam_tally to log faillog causes xscreensaver not to be able to validate the user. this may be user error, but am following the examples from the README. Version-Release number of selected component (if applicable): pam-0.77-66.10 How reproducible: Always Steps to Reproduce: 1. Create faillog touch /var/log/faillog; chown root:root /var/log/faillog; chmod 0400 /var/log/faillog; #matches /var/log/lastlog 2. Add lines to /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required /lib/security/$ISA/pam_tally.so onerr=fail no_magic_root auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth required /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_unix.so account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet account required /lib/security/$ISA/pam_tally.so reset no_magic_root account required /lib/security/$ISA/pam_permit.so password requisite /lib/security/$ISA/pam_cracklib.so retry=3 password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 sha
Sign in Pricing Blog Support Search GitHub This repository Watch 180 Star 1,852 https://github.com/linuxmint/Cinnamon/issues/2510 Fork 392 linuxmint/Cinnamon Code Issues 966 Pull requests 6 Projects 0 Wiki Pulse Graphs New issue cinnamon-screensaver: Error opening /var/log/faillog for update #2510 Closed https://bugs.debian.org/524866 orschiro opened this Issue Oct 20, 2013 · 7 comments Projects None yet Labels None yet Milestone No milestone Assignees No error opening one assigned 3 participants orschiro commented Oct 20, 2013 I get the following error message: pam_tally(cinnamon-screensaver:setcred): Error opening /var/log/faillog for update [orschiro@thinkpad ~]$ ls /var/log/faillog -rw------- 1 root root 32064 Oct 20 08:24 /var/log/faillog [orschiro@thinkpad ~]$ ps aux | grep cinnamon-screensaver orschiro 1021 0.0 0.1 471584 14136 tty1 Sl error opening /var/log/faillog 08:26 0:02 cinnamon-screensaver orschiro 20757 0.0 0.0 12876 1080 pts/1 S+ 20:50 0:00 grep cinnamon-screensaver It seems that this issue is caused because cinnamon-screensaver runs as user and tries to write to /var/log which requires root privileges. What can be done with this? Installed packages: [orschiro@thinkpad ~]$ pacman -Q | grep cinnamon cinnamon 2.0.2-2 cinnamon-control-center 2.0.2-1 cinnamon-desktop 2.0.1-1 cinnamon-screensaver 2.0.0-1 cinnamon-session 2.0.1-1 cinnamon-settings-daemon 2.0.1-2 cinnamon-translations 2.0.1-1 clfarron4 commented Oct 20, 2013 I have this as well in ArchLinux. It seems that this issue is caused because cinnamon-screensaver runs as user and tries to write to /var/log which requires root privileges. Surely you mean /var/log/faillog? I have logs which I can write to in ArchLinux. orschiro commented Oct 20, 2013 Pretty sure. See my error log output above. cinnamon-screensaver tries to write to /var/log/faillog. Or did I misunderstand you? clfarron4 commented Oct 20, 2013
Mon, 20 Apr 2009 12:36:01 UTC Severity: normal Found in version 1.0.1-5 Done: Steve Langasek