Systemlog shows this entry: Dec 16 14:51:03 localhost su[2130]: PAM adding faulty module: /usr/lib64/security/pam_cracklib.so Dec 16 14:51:03 localhost su[2130]: PAM unable to dlopen(/usr/lib64/security/pam_cracklib.so): /usr/lib64/security/pam_cracklib.so: cannot open shared object file: No >
Just checked my own system journal, which shows also: Rha 16 20:03:40 gdm-password][2191]: PAM unable to dlopen(/usr/lib64/security/pam_cracklib.so): /usr/lib64/security/pam_cracklib.so: cannot open shared object file: No such file or directory Rha 16 20:03:40 gdm-password][2191]: PAM adding faulty module: /usr/lib64/security/pam_cracklib.so followed by: Rha 16 20:03:40 gdm-password][2191]: pam_succeed_if(gdm-password:auth): requirement "user ingroup nopasswdlogin" not met by user "lewis" This is using GDM to Xfce, but no adverse effects. I cannot find where this library comes from exactly. The nearest I found was: webmin:/usr/share/webmin/pam/pam_cracklib.so.pl but doubt this is the one. Assigning globally, but whatever it is it does not seem to matter.
Summary: PAM: log entry => PAM: errors in journal re '/usr/lib64/security/pam_cracklib.so'Assignee: bugsquad => pkg-bugs
gdm still tries to load pam_cracklib which has been obsoleted and removed from lib64pam0. # grep -r cracklib /etc/pam.d/* /etc/pam.d/gdm-smartcard:password requisite pam_cracklib.so try_first_pass retry=3 type= Attempts to load the library been removed from sddm, but not from gdm.
Source RPM: pam-1.5.2-2.mga9.src.rpm => gdm-43.0-1.mga9Summary: PAM: errors in journal re '/usr/lib64/security/pam_cracklib.so' => gdm still tries to load pam_cracklib which has been deprecatedCC: (none) => davidwhodgins
so it should be removed from gdm-pam plugin as well.
(In reply to Marc Krämer from comment #3) > so it should be removed from gdm-pam plugin as well. Yes.
Assignee: pkg-bugs => mageia
It is just an an mga patch from 2016.
building.
Status: NEW => RESOLVEDResolution: (none) => FIXED
Reopening, but feel free to close again if there's a technical justification for it. pam_pwquality replaced pam_cracklib so I think simply removing all pam_cracklib occurrences isn't what we really want. According to pam_pwquality man page: "This module can be plugged into the password stack of a given service to provide some plug-in strength-checking for passwords. The code was originally based on pam_cracklib module and the module is backwards compatible with its options."
CC: (none) => jani.valimaaResolution: FIXED => (none)Status: RESOLVED => REOPENED
@Jani: if we want this, shouldn't it be added to system-auth instead of every service itself?
(In reply to Marc Krämer from comment #8) > @Jani: if we want this, shouldn't it be added to system-auth instead of > every service itself? It's already there, but 'every service itself' must have at least 'password include system-auth' to make it to work.
hmm, ok. So we have to check for every service in /etc/pam.d if it includes this and update that package? I'd say, go ahead - I don't usally change pam, so I might make mistakes here.
I don't think there are many such pkgs left, but at least the patch in gdm should be reviewed.