# can't login from console or ssh (pam System error)

## plank

After doing an emerge world, I can't no longer login from the consoles nor from ssh.

Login in kdm, and both su and su - work fine for any user.

After turning debugging information on on pam I got these lines at a login from the console.

Access is denied and all I get is a "System error"

```

Aug 30 22:00:17 newton pam_stack[20449]: called for "PAM_AUTHENTICATE"

Aug 30 22:00:17 newton pam_stack[20449]: called from "login"

Aug 30 22:00:17 newton pam_stack[20449]: initializing

Aug 30 22:00:17 newton pam_stack[20449]: found previously-used child stack `system-auth'

Aug 30 22:00:17 newton pam_stack[20449]: NOT passing PAM_AUTHTOK to child: source is NULL

Aug 30 22:00:17 newton pam_stack[20449]: passing PAM_CONV to child

Aug 30 22:00:17 newton pam_stack[20449]: NOT passing PAM_FAIL_DELAY to child: source not set

Aug 30 22:00:17 newton pam_stack[20449]: NOT passing PAM_OLDAUTHTOK to child: source is NULL

Aug 30 22:00:17 newton pam_stack[20449]: NOT passing PAM_RHOST to child: source is NULL

Aug 30 22:00:17 newton pam_stack[20449]: NOT passing PAM_RUSER to child: source is NULL

Aug 30 22:00:17 newton pam_stack[20449]: passing PAM_SERVICE to child

Aug 30 22:00:17 newton pam_stack[20449]: passing PAM_TTY to child

Aug 30 22:00:17 newton pam_stack[20449]: passing PAM_USER to child

Aug 30 22:00:17 newton pam_stack[20449]: passing PAM_USER_PROMPT to child

Aug 30 22:00:17 newton pam_stack[20449]: passing data to child

Aug 30 22:00:17 newton pam_stack[20449]: calling substack

Aug 30 22:00:20 newton pam_stack[20449]: substack returned 0 (Success)

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_AUTHTOK to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_CONV to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_FAIL_DELAY to parent

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_OLDAUTHTOK to parent: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_RHOST to parent: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_RUSER to parent: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_SERVICE to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_TTY to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_USER to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_USER_PROMPT to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing data back

Aug 30 22:00:20 newton pam_stack[20449]: passing former back

Aug 30 22:00:20 newton pam_stack[20449]: returning 0 (Success)

Aug 30 22:00:20 newton pam_stack[20449]: called for "PAM_ACCOUNT"

Aug 30 22:00:20 newton pam_stack[20449]: called from "login"

Aug 30 22:00:20 newton pam_stack[20449]: initializing

Aug 30 22:00:20 newton pam_stack[20449]: found previously-used child stack `system-auth'

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_AUTHTOK to child: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_CONV to child

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_FAIL_DELAY to child: source not set

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_OLDAUTHTOK to child: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_RHOST to child: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_RUSER to child: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_SERVICE to child

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_TTY to child

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_USER to child

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_USER_PROMPT to child

Aug 30 22:00:20 newton pam_stack[20449]: passing data to child

Aug 30 22:00:20 newton pam_stack[20449]: calling substack

Aug 30 22:00:20 newton pam_stack[20449]: substack returned 0 (Success)

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_AUTHTOK to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_CONV to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_FAIL_DELAY to parent

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_OLDAUTHTOK to parent: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_RHOST to parent: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_RUSER to parent: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_SERVICE to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_TTY to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_USER to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_USER_PROMPT to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing data back

Aug 30 22:00:20 newton pam_stack[20449]: passing former back

Aug 30 22:00:20 newton pam_stack[20449]: returning 0 (Success)

Aug 30 22:00:20 newton pam_stack[20449]: called for "PAM_SETCRED"

Aug 30 22:00:20 newton pam_stack[20449]: called from "login"

Aug 30 22:00:20 newton pam_stack[20449]: initializing

Aug 30 22:00:20 newton pam_stack[20449]: found previously-used child stack `system-auth'

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_AUTHTOK to child

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_CONV to child

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_FAIL_DELAY to child

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_OLDAUTHTOK to child: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_RHOST to child: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_RUSER to child: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_SERVICE to child

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_TTY to child

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_USER to child

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_USER_PROMPT to child

Aug 30 22:00:20 newton pam_stack[20449]: passing data to child

Aug 30 22:00:20 newton pam_stack[20449]: calling substack

Aug 30 22:00:20 newton pam_stack[20449]: substack returned 0 (Success)

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_AUTHTOK to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_CONV to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_FAIL_DELAY to parent

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_OLDAUTHTOK to parent: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_RHOST to parent: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_RUSER to parent: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_SERVICE to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_TTY to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_USER to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_USER_PROMPT to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing data back

Aug 30 22:00:20 newton pam_stack[20449]: passing former back

Aug 30 22:00:20 newton pam_stack[20449]: returning 0 (Success)

Aug 30 22:00:20 newton pam_stack[20449]: called for "PAM_OPEN_SESSION"

Aug 30 22:00:20 newton pam_stack[20449]: called from "login"

Aug 30 22:00:20 newton pam_stack[20449]: initializing

Aug 30 22:00:20 newton pam_stack[20449]: found previously-used child stack `system-auth'

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_AUTHTOK to child

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_CONV to child

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_FAIL_DELAY to child

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_OLDAUTHTOK to child: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_RHOST to child: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_RUSER to child: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_SERVICE to child

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_TTY to child

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_USER to child

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_USER_PROMPT to child

Aug 30 22:00:20 newton pam_stack[20449]: passing data to child

Aug 30 22:00:20 newton pam_stack[20449]: calling substack

Aug 30 22:00:20 newton pam_stack[20449]: substack returned 4 (System error)

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_AUTHTOK to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_CONV to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_FAIL_DELAY to parent

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_OLDAUTHTOK to parent: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_RHOST to parent: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: NOT passing PAM_RUSER to parent: source is NULL

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_SERVICE to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_TTY to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_USER to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing PAM_USER_PROMPT to parent

Aug 30 22:00:20 newton pam_stack[20449]: passing data back

Aug 30 22:00:20 newton pam_stack[20449]: passing former back

Aug 30 22:00:20 newton pam_stack[20449]: returning 4 (System error)

Aug 30 22:00:20 newton pam_console[20449]: user is "cvalente"

Aug 30 22:00:20 newton pam_console[20449]: parsing config file /etc/security/console.perms

Aug 30 22:00:20 newton pam_console[20449]: check console /dev/vc/1

Aug 30 22:00:20 newton pam_console[20449]: checking possible console "/dev/vc/1"

Aug 30 22:00:20 newton pam_console[20449]: console /dev/vc/1 is owned by UID 0

Aug 30 22:00:20 newton pam_console[20449]: console /dev/vc/1 is a character device

Aug 30 22:00:20 newton pam_console[20449]: console file lock already in place /var/run/console/console.lock

Aug 30 22:00:20 newton login[20449]: System error

Aug 30 22:00:23 newton pam_stack[20449]: freeing stack data for `system-auth' service

```

from ssh all I get is

```

Aug 29 19:55:14 newton sshd[21234]: fatal: PAM: pam_open_session(): System error

```

My pam version  is 0.78-r2

Does anybody know what's going on? I am not sure it's related with pam, but all data points that way.

Thank you all In advance.

----------

## Dlareh

etc-update / dispatch-conf

----------

## pilla

Moved from DE.

----------

## plank

 *Dlareh wrote:*   

> etc-update / dispatch-conf

 

That's  what I did first.

Then I reemerged pam and did etc-update, the problem never changed

----------

## Frerk

I decided to emerge system after waiting for months and got

52 config files to check and merge. So I decided to accept

all new versions. Afterwards I had to restore several important

features that were disconfigured. After one evening of work

everything worked again with the exception of login in a text console.

I reemerged pam with the USE flag PAM_CONSOLE set.

so /lib/security/pam_console.so

was build again.

/etc/securetty

says vc/1 is ok to login.

But root and user cannot login nevertheless.

It must be a problem in the configuration of pam.

But I'm no expert in pam and there is a dozend of

configuration files, some like access.conf, login.perms

and login.defs and so on.

Any hint?

Frerk

----------

## plank

 *Quote:*   

> 
> 
> I decided to emerge system after waiting for months and got 
> 
>  52 config files to check and merge. So I decided to accept 
> ...

 

This was also the first update after 3 or 4 months. I tried with pam_console and later on without it and nothing changed.

I think the problem is pam_open_session (it returns system error), but loggong doesn't say the reason at all.

If no one posts a tentative solution to this I guess I'll just have to rebuild a patched version of pam with a lot of debugging information there so as to try to see what's going on.

I don't know much about pam, but from what I know, there's nothing wrong with my system.

----------

## Frerk

cracklib suddenly checks already given passwords.

If they are not strong enough, login is denied.

Its

 password   required     pam_cracklib.so retry=3

in

 /etc/pam.d/system-auth

Solution:

Comment out cracklib or

set new strong passwords

Frerk

----------

## plank

 *Frerk wrote:*   

> cracklib suddenly checks already given passwords.
> 
> If they are not strong enough, login is denied.
> 
> Its
> ...

 

First of all, thank you very much for your answer!

I followed your suggestion but It didn't work, and I don't think it should have anyway.

I commented the line "password   required     pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3" on  /etc/pam.d/system-auth

and got the same error.

The reason I think this shouldn't work is that if the problem was in  /etc/pam.d/system-auth, then every login would be compromised (su -, kde, etc), and only some are (console, ssh), kde for instance also uses this file.

Also, my passwords are not week, cracklib doesn't complain when I set them (I tested this).

Again, thanks for your help.

Anybody with any idea of what's going on, please post it!

----------

## Jylppy

I have exactly the same problem. I noticed it just today since it was my first reboot after pam update. I normally use kdm which works ok, but console login and ssh fail to "system error". Here are some log lines.  

Accepted publickey for user from xxx.yyy.zzz.ddd port 1759 ssh2

error: PAM: pam_open_session(): System error

sshd[7354]: Accepted keyboard-interactive/pam for root from  xxx.yyy.zzz.ddd port 1770 ssh2

login[6905]: System error

sshd[7354]: syslogin_perform_logout: logout() returned an error

sshd[29244]: Accepted keyboard-interactive/pam for user from 127.0.0.1 port 4863 ssh2

login[30196]: System error

I noticed that the keyboard outputs strange characters in console mode. Some special characters such as '#' map either to a long sequence of '-_-_-_-_-_'  kind of crap or then act as delete. Really weird. I have unicode transition ongoing and I think I have some settings still "in progress"...

Any good guesses? 

- J

----------

