Package: libpam-modules Version: 1.0.1-5+lenny1 The following message is logged to auth.log:
-screen: pam_tally(screen:auth): Error opening /var/log/faillog for update Because it's configured with onerr=fail, this blocks login. Steps to reproduce: Add pam-tally.so to /etc/pam.d/common-auth: auth required pam_tally.so onerr=fail deny=5 unlock_time=1800 Configure a non-root user to use /usr/bin/screen as shell in /etc/passwd. Login as that user and lock the terminal using either the shortcut key or the "lockscreen" internal command. The builtin lock program invokes pam as the user, instead of as root. Attempt to unlock, the error message shown above is logged. Remove pam_tally and the unlock succeeds. First noticed in screen 4.0.3-11, and still present in -13. Although it may be possible to use a different shell or locking program, I chose this combination as it highlights the error. -- Mark Smith -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
