Bug 1215805

Summary: keine Authentifizierung per dovecot nach update; PAM adding faulty module
Product: [openSUSE] openSUSE Distribution Reporter: Robert Divko <Robert>
Component: MaintenanceAssignee: Andreas Schwab <schwab>
Status: RESOLVED DUPLICATE QA Contact: E-mail List <qa-bugs>
Severity: Major    
Priority: P5 - None CC: frede, maintenance, meissner, Michael.Dobrovnik
Version: Leap 15.4   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Robert Divko 2023-09-28 10:49:21 UTC 
nach update heute früh ca. 7.00 MET (glib, ….) keine Authentifizierung per dovecot mehr möglich. Senden von Mail und login per shell möglich.

in /var/log/
2023-09-28T12:21:18.311949+02:00 outof auth: PAM adding faulty module: /lib64/security/pam_umask.so
2023-09-28T12:21:18.311979+02:00 outof auth: PAM unable to dlopen(/lib64/security/pam_warn.so): /lib64/security/pam_warn.so: failed to map segment from shared object

sicherheitshalber apparmor gestoppt, disabled, reboot, kein Effekt
Comment 1 Robert Divko 2023-09-28 11:13:09 UTC 
multiple pam modules affected
ssh password login works
(obviously) dovecot authentification for imap and pop did work before (6:14)
Comment 2 hui 2023-09-28 11:13:36 UTC 
Bug 1215643 ?
Comment 3 Robert Divko 2023-09-28 12:19:35 UTC 
I don’t see crashes of dovecot.
Perhaps a module not linked against new glib-c?
Comment 4 Robert Divko 2023-09-28 12:56:54 UTC 
Error log of dovecot:
Sep 28 14:42:09 mailserver dovecot[26284]: auth-worker(26436): conn unix:auth-worker (pid=26287,uid=459): auth-worker<74>: pam(user,ipadress,<4LXqomoGGMtNBHqX>): pam_authenticate() failed: Module is unknown
Comment 5 Robert Divko 2023-09-28 14:52:45 UTC 
after rollback:
zypper in --oldpackage glibc-2.31-150300.52.2
everything works again
—> seams to be connected to glibc change
Comment 6 Joerg Frede 2023-09-28 17:47:16 UTC 
Same in OpenSUSE Leap 15.5 testing rollback. 

Kind Regards,
Joerg
Comment 7 Joerg Frede 2023-09-28 17:53:50 UTC 
rollback works!

glibc-2.31-150300.58.1 produces strange PAM Errors after some authentications.

glibc-2.31-150300.52.2 works without problems.
Comment 8 Joerg Frede 2023-09-28 18:16:57 UTC 
seems this is an update from the SLE update repo.

http://download.opensuse.org/update/leap/$releasever/sle/

latest update on the oss repo is 2.31-150300.46.1
Comment 9 Robert Divko 2023-09-28 18:45:46 UTC 
(In reply to Robert Divko from comment #5)
> after rollback:
> zypper in --oldpackage glibc-2.31-150300.52.2
> everything works again
> —> seams to be connected to glibc change

rollback was from latest 15.4 glibc package: 2.31-150300.58.1
Comment 10 Joerg Frede 2023-09-29 06:17:13 UTC 
glibc-2.31-150300.52.2 is also the 2nd latest version on Leap 15.5. seems it is shared from the SLE15 Repo.
Comment 11 Robert Divko 2023-09-29 12:36:02 UTC 
How does it get forwarded to the right people to get it analyzed and fixed?
Comment 13 Andreas Schwab 2023-10-04 12:52:03 UTC 
dup

*** This bug has been marked as a duplicate of bug 1215891 ***