From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 566FB1382C5 for ; Wed, 17 Jun 2020 07:41:16 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 72DA3E0A45; Wed, 17 Jun 2020 07:41:07 +0000 (UTC) Received: from mout.web.de (mout.web.de [212.227.15.4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id C2C28E0A03 for ; Wed, 17 Jun 2020 07:41:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=web.de; s=dbaedf251592; t=1592379651; bh=zgg6WH6VNsz+X16h7gDxWYeSdZ1luUU8l2vZ3om9avs=; h=X-UI-Sender-Class:From:To:Subject:Date; b=jQb+Cnuz2tTqJimFEGyvtWml8RS90Vl8VJ3t3UoKs6wjtJBS0pM6Qv5nsW80EioqM aaRw/Sp/b9HPsAvp7lTaUkx80bX7rkpF7stAQvfS4HKr+/jcegU/uVXyWSoD3HXHJT eCewiX7RLjZcz2sZo6KD7hzr4e+gToGPs6X+0hrk= X-UI-Sender-Class: c548c8c5-30a9-4db5-a2e7-cb6cb037b8f9 Received: from [213.55.224.210] ([213.55.224.210]) by web-mail.web.de (3c-app-webde-bs51.server.lan [172.19.170.107]) (via HTTP); Wed, 17 Jun 2020 07:54:27 +0200 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Message-ID: From: Andreas Fink To: gentoo-user@lists.gentoo.org Subject: [gentoo-user] Warning: Do not update PAM on ~amd64 Content-Type: text/html; charset=UTF-8 Date: Wed, 17 Jun 2020 07:54:27 +0200 Importance: normal Sensitivity: Normal X-Priority: 3 X-Provags-ID: V03:K1:Ete73e3bxvNdNPsAkRziSwv/Wi2ivK0SmS9Fg4K61Zu4OxFZeoSt2Xo/r9GRXtUEQLAVu LywwdX3JQsbo8G0387WBx9zJvoEy2yUhjBa60skKR/738JE4qgoM4/PffJmmfDAAoGGbClky2513 dmBnOXZ1dmydKs3qiaVEhFKgBX0kSWUypeWg2qehQwtIwQ4QQ7s1iEhEf38TOMKnMMWoxJRTOrQR Ob/m5lR77e9X4Gz920vciIsPw4iE5q/LVKm1zInVEGrK4ExWkjZPw8/b2kYSTct5k+6iGKwQQMu3 d0= X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:NwdHtjknMww=:RBDuChoeoHg3uz0K2t6awH tnAPBsIkRDE9JGOMebOszMNDYXPSkNBfFr7Aohyno+9ujIbU5UK7N6KBK0gdb4KmqY0DFgZwY qKPlvgWEQ83Qag7Biuj28GwBFRWIZTVk+RTSwirhJo536/PeqFPu1b7tYXbx8hGYDRcosaEHB 4E8unQLuSC/VDBjGvHbTIQrOWakLAJSB7KGgI8wlLZHogyiVfUfq4K08xb1PoGavgbqI/wevU ajJiQlKxAebEy5eK3mGVt6P6l7vCnEX79Of+8ACnHMTW3ae0tUvanplFA+9AXmXIJwUf2cYRQ 9/+37KnSpG8MdthprGC1kBaE+nWvNU1MydxPPU6H4fF9aJQFwe1bj9JgFjtVSmT4k9M0xz28A MM6LijXROVcrletIsnp/pE8IVZUAJY8WNQebFg48dxC7d6CdQZUSeZjZAcu4PJUvqLd/LGIMe 1K/i65gnesuRfRMmIDP75lM9JHulABmb+NCe/WaFwD0CKg+jKMc9/lKuUXHMxFikqQUEDRnIB VLXg/BbT4642pwpQlk4kR+XbfjLcNyBv9yOGADs2wuHTF6Fk7MTvfLRdAJNk1SLMiTi+j8oB/ At0/LZNxj1TLy0wfHGIvSXNyS/39+s7D8iDerbnMzfiZaf2YocDQFA1ZtUIhtlVAsBVHOD6rd ls6jdjfjBzjCi0KZrBDNTFoIi86WCHz55hq4mf/JTpMYbnGxw/bjhYc1boSHH5kMyP1A= X-Archives-Salt: 7384bd33-4fa4-41ab-869e-6c7e82f3a753 X-Archives-Hash: c9049d796bb90a5cc5e44c76d6eaa97b
Hello,
I've noticed a problem with the current PAM update to
sys-libs/pam-1.4.0.

The update adds passwdqc USE to sys-auth/pambase, which pulls in
sys-auth/passwdqc. However sys-auth/passwdqc fails to build on my
system, and leaves me with an installed sys-libs/pam-1.4.0 which is
broken and does not allow any new login.
The end result is that sys-libs/pam-1.4.0 was successfully merged but
sys-auth/pambase will not be merged, due to a build failure in passwdqc.
Disabling the USE flag passwdqc for pambase allows an update to pambase
too, and logins work again.
 
This is a warning to anyone out there who updates daily and runs an
~amd64.
 
One system that I updated and restarted, I cannot login to it anymore
(or ssh into it). Another system that I updated and currently am
writing from, I'm still logged in after the broken update. and I can
see the following error message (before disabling the USE flag passwdqc
for the package pambase):
PAM unable to dlopen(/lib64/security/pam_cracklib.so): /lib64/security/pam_cracklib.so: cannot open shared object file: No such file or directory
PAM adding faulty module: /lib64/security/pam_cracklib.so
 
After doing a
USE=-passwdqc emerge -a1 pambase
the error messages disappear from the system logs and I am able to
login to my machine again. However if you reboot with the broken state
you will have a hard time updating it, since you cannot login to your
machine anymore and need a chroot from a live system.
 
The bug report for passwdqc is here:
https://bugs.gentoo.org/728528
 
Cheers
Andreas