[ClusterLabs] pcs cluster auth returns authentication error
jpokorny at redhat.com
Mon Sep 5 17:32:54 EDT 2016
On 26/08/16 02:14 +0000, Jason A Ramsey wrote:
> Well, I got around the problem, but I don’t understand the solution…
> I edited /etc/pam.d/password-auth and commented out the following line:
> auth required pam_tally2.so onerr=fail audit silent deny=5 unlock_time=900
> Anyone have any idea why this was interfering?
No clear idea, but...
> On 08/25/2016 03:04 PM, Jason A Ramsey wrote:
>> type=USER_AUTH msg=audit(1472154922.415:69): user pid=1138 uid=0
>> auid=4294967295 ses=4294967295 subj=system_u:system_r:initrc_t:s0
>> msg='op=PAM:authentication acct="hacluster" exe="/usr/bin/ruby"
>> hostname=? addr=? terminal=? res=failed'
First, this definitely has nothing to do with SELinux (as opposed to
"AVC" type of audit record).
As a wild guess, if you want to continue using pam_tally2 module
(seems like a good idea), I'd suggest giving magic_root option
a try (and perhaps evaluate if that would be an acceptable compromise).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 819 bytes
Desc: not available
More information about the Users