# Unknown PAM_ITEM: <XAUTHORITY>

## shamu112

I've recently encounterd the following in my /var/log/messages:

<code>

PAM-env[13518]: Unknown PAM_ITEM: <XAUTHORITY>

sshd[13518]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

PAM-env[13556]: Unknown PAM_ITEM: <XAUTHORITY>

sshd[13556]: PAM pam_putenv: delete non-existent entry; XAUTHORITY

</code>

<code>

/etc/pam.d/sshd:

#%PAM-1.0

auth       required     pam_stack.so service=system-auth

auth       required     pam_shells.so

auth       required     pam_nologin.so

account    required     pam_stack.so service=system-auth

password   required     pam_stack.so service=system-auth

session    required     pam_stack.so service=system-auth

/etc/pam.d/su:

#%PAM-1.0

auth       sufficient   /lib/security/pam_rootok.so

auth       required     /lib/security/pam_wheel.so use_uid

auth       required     /lib/security/pam_stack.so service=system-auth

account    required     /lib/security/pam_stack.so service=system-auth

password   required     /lib/security/pam_stack.so service=system-auth

session    required     /lib/security/pam_stack.so service=system-auth

session    optional     /lib/security/pam_xauth.so

</code>

Is there any reason why this is showing up?  It seemed to occur after the last update to sys-libs/pam-0.77-r1.

I looked for anything related in the forums and on the PAM webpages and found nothing.

----------

## wdconinc

Problem confirmed.  Occured after upgrade to pam-0.77-r3.

I have an additional line in /etc/pam.d/su:

```
session    required     /lib/security/pam_env.so
```

EDIT: Adding this line does not solve it!  That's just also in this file...Last edited by wdconinc on Mon Nov 22, 2004 5:48 pm; edited 1 time in total

----------

## shamu112

Adding "session    required     /lib/security/pam_env.so" to /etc/pam.d/su doesn't seem to have any effect on the problem.

I'm also getting:

su[13023]: PAM pam_putenv: delete non-existent entry; REMOTEHOST

----------

## y0zza

Try commenting out the three lines in /etc/security/pam_env.conf.

```
REMOTEHOST     DEFAULT= OVERRIDE=@{PAM_RHOST}

DISPLAY        DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY}

XAUTHORITY     DEFAULT= OVERRIDE=@{XAUTHORITY}
```

----------

## shamu112

That solved it.  Thanks!

I wonder why it was commented by default?

----------

## wdconinc

More info in bug 69925, comment 12.  Apparently some bugfix created more problems than it solved.

wouter

----------

