Package: libpam-modules Version: 1.1.3-7.1 Severity: normal Dear Maintainer, We have a system where group names are derived from Active Directory -- I have no control over their names. Some have a full-stop in their names.
pam_group.so parses a group with a full-stop in its name as two separate group names. So a line like: *;*;%Lab.All;Al0000-2400;www-data in /etc/security/group.conf generates lines like: May 31 14:01:42 stage sshd[32597]: pam_group(sshd:setcred): bad group: Lab May 31 14:01:42 stage sshd[32597]: pam_group(sshd:setcred): bad group: All in /var/log/auth.log -- System Information: Debian Release: 7.11 APT prefers oldstable APT policy: (990, 'oldstable') Architecture: ia64 Kernel: Linux 2.6.32-5-vserver-mckinley (SMP w/4 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libpam-modules depends on: ii debconf [debconf-2.0] 1.5.49 ii libc6.1 2.13-38+deb7u10 ii libdb5.1 5.1.29-5 ii libpam-modules-bin 1.1.3-7.1 ii libpam0g 1.1.3-7.1 ii libselinux1 2.1.9-5 libpam-modules recommends no packages. libpam-modules suggests no packages. -- Configuration Files: /etc/security/access.conf changed [not included] /etc/security/group.conf changed [not included] /etc/security/limits.conf changed [not included] -- debconf information excluded