messages error can not open module /usr/lib/security/pam_unix_session.so.1

ayhanne · March 25, 2009, 7:50am

Hi,

I always receive the following intermittent error on the /var/adm/messages, can someone help me please on what to do and what to check for these errors to disappear? What can be the problem with my ftp? Please see details of solaris below. Thanks in advance!

SunOS 5.10 Generic_127111-08 sun4v sparc SUNW,Sun-Fire-T200

Mar 25 09:55:37 tn-00 ftpd[25223]: [ID 487707 auth.error] load_modules: can not open module /usr/lib/security/pam_unix_session.so.1
Mar 25 09:55:47 tn-00 ftpd[25323]: [ID 776383 auth.error] open_module: stat(/usr/lib/security/pam_unix_session.so.1) failed: No such file or directory
Mar 25 09:55:47 tn-00 ftpd[25323]: [ID 487707 auth.error] load_modules: can not open module /usr/lib/security/pam_unix_session.so.1
Mar 25 09:55:57 tn-00 ftpd[25419]: [ID 776383 auth.error] open_module: stat(/usr/lib/security/pam_unix_session.so.1) failed: No such file or directory
Mar 25 09:55:57 tn-00 ftpd[25419]: [ID 487707 auth.error] load_modules: can not open module /usr/lib/security/pam_unix_session.so.1
Mar 25 09:56:07 tn-00 ftpd[25702]: [ID 776383 auth.error] open_module: stat(/usr/lib/security/pam_unix_session.so.1) failed: No such file or directory
Mar 25 09:56:07 tn-00 ftpd[25702]: [ID 487707 auth.error] load_modules: can not open module /usr/lib/security/pam_unix_session.so.1
Mar 25 09:56:12 tn-00 ftpd[25704]: [ID 776383 auth.error] open_module: stat(/usr/lib/security/pam_unix_session.so.1) failed: No such file or directory
Mar 25 09:56:12 tn-00 ftpd[25704]: [ID 487707 auth.error] load_modules: can not open module /usr/lib/security/pam_unix_session.so.1
Mar 25 09:56:17 tn-00 ftpd[25709]: [ID 776383 auth.error] open_module: stat(/usr/lib/security/pam_unix_session.so.1) failed: No such file or directory

incredible · March 25, 2009, 7:52am

Your system is enabled with ftp? does this file exists /usr/lib/security/pam_unix_session.so.1? Maybe you want want to comment out a similar entry like this and monitor the system further. (check with your guys if you're allowed to do so)

in /etc/pam.conf
other session required pam_unix_session.so.1

incredible · March 25, 2009, 7:53am

These messages appear when the DefaultRoot configuration directive is in effect. This directive causes a user to be confined using the chroot(2) system call. This call, however, affects other system utilities, such as PAM. In this case, PAM's configuration is causing the PAM library to attempt to open PAM modules using a path that is no longer valid, thus the errors. This happens on logout because the chroot has already happened by that point; on login, the PAM modules are successfully found and loaded before the chroot, so no errors. These are merely cosmetic reporting errors, and do not really affect the functionality or security of the server

ayhanne · March 25, 2009, 8:19am

Hi incredible,

Thanks for replying! Yes, ftp is enabled and I already checked before that file /usr/lib/security/pam_unix_session.so.1 exist. Please see details below

-rwxr-xr-x   1 root     bin        25648 Aug 16  2007 /usr/lib/security/pam_unix_session.so.1*
lrwxrwxrwx   1 root     root          23 Aug 24  2008 /usr/lib/security/pam_unix_session.so -> ./pam_unix_session.so.1*

If I comment other session required pam_unix_session.so.1 in from /etc/pam.conf, what will be the effect? Thanks!

incredible · March 26, 2009, 9:09am

make a backup of the file, comment it first then see