Steve Langasek [Wed, Aug 12, 2009 at 09:14:51AM -0700]: > On Wed, Aug 12, 2009 at 12:15:03PM +0200, Nico Schottelius wrote: > > It seems that pam has a bug that is triggered after some time, that > > "forgets" about the users: > > This is not a PAM bug, you appear to have a bug of some kind in your NSS > configuration.
Well, if this is a configuration issue, why does it appear *after* some amount of time and *not* directly? > > Aug 8 22:39:40 ikr3 postfix/pickup[19602]: fatal: file > > /etc/postfix/main.cf: parameter default_privs: unknown user name value: > > nobody > > If the user 'nobody' can't be resolved, you've broken things quite badly. > Nothing to do with PAM. > > The 'nobody' user should *always* be a local user; this should resolve > correctly even if the LDAP server is down. If you don't have the 'nobody' > user in /etc/passwd, that's a configuration error. If you have the 'nobody' > user in /etc/passwd but NSS fails to return the record because of some That's the case here: [16:58] ikn2:~% ssh r...@host grep -e sshd -e nobody /etc/passwd nobody:x:65534:65534:nobody:/nonexistent:/bin/sh sshd:x:104:65534::/var/run/sshd:/usr/sbin/nologin > credentials caching issue, then you have some NSS module bug or NSS > configuration error. Either way, this is not a bug in pam. Agreed, sorry, maybe the wrong package. Can you reassign to libnss3-1d, please? Greets, Nico -- Currently moving *.schottelius.org to http://www.nico.schottelius.org/ ... PGP: BFE4 C736 ABE5 406F 8F42 F7CF B8BE F92A 9885 188C
signature.asc
Description: Digital signature
