oracle的shell限制设定与用户本地登陆问题
平台:RHEL 5.2 x86_64
故障描述:x86_64位版本,进行如下设定时,当系统运行级别为3时,用户从本地终端登录将被拒绝,而从网络登录没有问题。
(系统运行在级别为5时,从本地终端登录没有问题)
cat >> /etc/pam.d/login <session required /lib/security/pam_limits.so
EOF
/var/log/secure 的内容:
Sep 9 15:37:52 web204 login: FAILED LOGIN 1 FROM (null) FOR wang, Authentication failure
Sep 9 15:37:59 web204 login: pam_unix(login:session): session opened for user wang by LOGIN(uid=0)
Sep 9 15:37:59 web204 login: Module is unknown
Sep 9 16:21:53 web204 login: PAM unable to dlopen(/lib/security/pam_limits.so)
Sep 9 16:21:53 web204 login: PAM [error: /lib/security/pam_limits.so: wrong ELF class: ELFCLASS32]
Sep 9 16:21:53 web204 login: PAM adding faulty module: /lib/security/pam_limits.so
Sep 9 16:21:58 web204 login: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Sep 9 16:21:58 web204 login: Module is unknown
Sep 9 16:22:23 web204 login: PAM unable to dlopen(/lib/security/pam_limits.so)
Sep 9 16:22:23 web204 login: PAM [error: /lib/security/pam_limits.so: wrong ELF class: ELFCLASS32]
Sep 9 16:22:23 web204 login: PAM adding faulty module: /lib/security/pam_limits.so
Sep 9 16:22:25 web204 login: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost= user=root
Sep 9 16:22:27 web204 login: FAILED LOGIN 1 FROM (null) FOR root, Authentication failure
Sep 9 16:22:43 web204 login: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Sep 9 16:22:43 web204 login: Module is unknown
Sep 9 16:22:51 web204 login: PAM unable to dlopen(/lib/security/pam_limits.so)
Sep 9 16:22:51 web204 login: PAM [error: /lib/security/pam_limits.so: wrong ELF class: ELFCLASS32]
Sep 9 16:22:51 web204 login: PAM adding faulty module: /lib/security/pam_limits.so
Sep 9 16:22:54 web204 login: pam_unix(login:session): session opened for user zhyhl by LOGIN(uid=0)
Sep 9 16:22:54 web204 login: Module is unknown
Sep 9 16:23:03 web204 sshd[6979]: Received signal 15; terminating.
Sep 9 16:47:17 web204 sshd[6875]: Server listening on :: port 22.
Sep 9 16:47:17 web204 sshd[6875]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
Sep 9 16:47:44 web204 login: PAM unable to dlopen(/lib/security/pam_limits.so)
Sep 9 16:47:44 web204 login: PAM [error: /lib/security/pam_limits.so: wrong ELF class: ELFCLASS32]
Sep 9 16:47:44 web204 login: PAM adding faulty module: /lib/security/pam_limits.so
Sep 9 16:47:49 web204 login: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Sep 9 16:47:49 web204 login: Module is unknown
Sep 9 16:47:55 web204 login: PAM unable to dlopen(/lib/security/pam_limits.so)
Sep 9 16:47:55 web204 login: PAM [error: /lib/security/pam_limits.so: wrong ELF class: ELFCLASS32]
Sep 9 16:47:55 web204 login: PAM adding faulty module: /lib/security/pam_limits.so
Sep 9 16:48:00 web204 login: pam_unix(login:session): session opened for user zhyhl by LOGIN(uid=0)
Sep 9 16:48:00 web204 login: Module is unknown
Sep 9 16:48:28 web204 sshd[7233]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.0.31 user=root
Sep 9 16:48:30 web204 sshd[7233]: Failed password for root from 192.168.0.31 port 55060 ssh2
Sep 9 16:48:35 web204 sshd[7233]: Accepted password for root from 192.168.0.31 port 55060 ssh2
Sep 9 16:48:35 web204 sshd[7233]: pam_unix(sshd:session): session opened for user root by (uid=0)
解决办法:使用64位的设置替代32的pam_limits.so模块
vi /etc/pam.d/login
修改:
#session required /lib/security/pam_limits.so
session required /lib64/security/pam_limits.so
阅读(1624) | 评论(0) | 转发(0) |
