This issue with libpam predates mysql 5.7. It's present in trusty's vsftpd 3.0.2-1ubuntu2.14.04.1, mysql 5.5.54-0ubuntu0.14.04.1, and the standard libpam package. My workaround last year when I encountered the issue was to remove both vsftpd and libpam-mysql from the default repos and to manually install vsdfpd from
http://dinofly.com/files/linux/vsftpd_3.0.2-1ubuntu2_amd64.deb https://ubuntuforums.org/archive/index.php/t-2218804.html is the spot where I found this fix a year ago. I've been waiting for an official fix ever since but if one has been released, I missed it. I'm still running this custom version. It is entirely possible that the bug I'm experiencing with 5.5 is different but related to what is causing the problem covered in 1574900, but as the symptoms seem to be identical, I tend to assume it is the same bug. The host involved here is my employer's primary public ftp server where we give 3rd parties (customers, contractors, etc) the ability to upload large files and we have a simple mysql db where their virtual users are kept. If you need a guinea pig host for testing, I can easily spin up a clone of this system for testing purposes. -----Original Message----- From: boun...@canonical.com [mailto:boun...@canonical.com] On Behalf Of Nish Aravamudan Sent: Monday, March 20, 2017 11:56 AM To: Joi L. Ellis <jlel...@pavlovmedia.com> Subject: [Bug 1574900] Re: libpam-mysql undefined symbol: make_scrambled_password @jlellis: There is no MySQL 5.7 in Trusty. Are you using a PPA? Or are you saying that MySQL 5.5 also has this problem? -- You received this bug notification because you are subscribed to pam- mysql in Ubuntu. Matching subscriptions: pam-mysql https://bugs.launchpad.net/bugs/1574900 Title: libpam-mysql undefined symbol: make_scrambled_password Status in pam-mysql package in Ubuntu: Fix Released Status in pam-mysql source package in Xenial: Fix Committed Status in pam-mysql source package in Yakkety: Fix Committed Status in pam-mysql package in Fedora: Unknown Bug description: [Impact] * libpam-mysql is unable to be used because of an upstream symbol change in libmysqlclient. * Upstream libpam-mysql has fixed this by updating the source to use the now-exported API. [Test Case] Steps to reproduce (with vsftpd): Installation requirements: mysqlserver 5.7.x, libpam-mysql, vsftpd create vsftpd user: useradd --home /home/vsftpd --gid nogroup -m --shell /bin/false vsftpd create mysql database and user: == // Start SQL CREATE DATABASE vsftpd; GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost' IDENTIFIED BY 'ftpdpass'; GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost.localdomain' IDENTIFIED BY 'ftpdpass'; FLUSH PRIVILEGES; USE vsftpd; CREATE TABLE `accounts` ( `id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , `username` VARCHAR( 30 ) NOT NULL , `pass` VARCHAR( 50 ) NOT NULL , UNIQUE ( `username` )); insert into accounts(username,pass) values('user',password('password')); ==// End SQL Configure PAM: insert into /etc/pam.d/vsftpd: auth required pam_mysql.so verbose=1 user=vsftpd host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=3 passwd=ftpdpass account required pam_mysql.so verbose=1 user=vsftpd host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=3 passwd=ftpdpass Configure vsftpd (/etc/vsftpd.conf) : listen=YES anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES nopriv_user=vsftpd chroot_local_user=YES secure_chroot_dir=/var/run/vsftpd pam_service_name=vsftpd guest_enable=YES guest_username=vsftpd local_root=/home/vsftpd/$USER user_sub_token=$USER virtual_use_local_privs=YES restart vsftpd: /etc/init.d/vsftpd restart check /var/log/auth.log [Regression Potential] * There is currently no fix or workaround, as the library is basically broken as installed from Ubuntu. * I believe the regression potential to be very low because the current code does not work. --- In Ubuntu 16.04, the libpam-mysql package does not work. It crashes with the below error: PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so: undefined symbol: make_scrambled_password I fixed this issue by download the source for the package and applying the patches that come from this source RPM: http://dinofly.com/files/linux/pam_mysql-0.7-0.20.rc1.fc23.src.rpm I then created unofficial packages after applying the patch. They can be downloaded here: http://www.dinofly.com/files/linux/libpam-mysql_0.7~RC1-4ubuntu3_amd64.deb http://www.dinofly.com/files/linux/libpam-mysql_0.7~RC1-4ubuntu3_i386.deb libpam-mysql now works again on Ubuntu 16.04 x86 and x64. Here is the initial RedHat bug report: https://bugzilla.redhat.com/show_bug.cgi?id=709534 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1574900 Title: libpam-mysql undefined symbol: make_scrambled_password To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
