HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

Pam ftpd logon error HP-UX 11.11

 
SOLVED
Go to solution
cartman_2
Frequent Advisor

Pam ftpd logon error HP-UX 11.11

Hi,

We were getting these errors in syslog:

ftpd[11724]: pam_open_session: General
Commercial Security error.

And the user couldn't log in, we found in /tcb
the user had a _t file created:

/tcb/files/auth/m> ls -l
-rw-rw-r-- 1 root root 305 Aug 1 02:35 manc
---------- 1 root root 0 Aug 1 02:35 manc-t

We deleted the file, and the user could log in again via ftp with no problems.

My question is, do you now why this file gets created?, i had never seen it before


3 REPLIES
Matti_Kurkela
Honored Contributor
Solution

Re: Pam ftpd logon error HP-UX 11.11

This looks like a lock file, created by passwd, modprpw or a similar command to indicate it's currently modifying the user's information.

Normally such a lock file exists only for a very short time (less than a second for modprpw), so it's not a common sight to see. It might have been left if the command was aborted via kill -9 or a crash.

You might want to investigate what was happening on the system at the time corresponding to the file's timestamp: at 02:35 on August 1st. Was the system rebooted, or were there any scheduled changes at that time?

MK
MK
likid0
Honored Contributor

Re: Pam ftpd logon error HP-UX 11.11

Yes, it's a temp file in wich it writes the changes the commands(modprpw,passwd) makes to the file, and then renames it to the original name without the _t

here the output of tusc:
open("/tcb/files/auth/j/jnj-t", O_WRONLY|O_CREAT|O_TRUNC, 0666) ....................................................................................... = 8
ioctl(8, TCGETA, 0x77ffb738) ............................................................................................................................... ERR#25 ENOTTY
write(8, "j n j : u _ n a m e = ".., 340) ........................................................................................................ = 340
close(8) ................................................................................................................................................... = 0
rename("/tcb/files/auth/j/jnj-t", "/tcb/files/auth/j/jnj") ....................................................................................... = 0
open("/tcb/files/auth/j/jnj", O_RDONLY, 040100)

When the file exists, the passwd command for example sleeps, until the file doesn't exist:






....................................................................................................... = 8stat("/tcb/files/auth/j/jnj-t", 0x77ffad60) ........................................................................................................... = 0
nanosleep(0x77ffadc8, NULL) ................................................................................................................................ = 0
stat("/tcb/files/auth/j/jnj-t", 0x77ffad60) ........................................................................................................... = 0
nanosleep(0x77ffadc8, NULL) ................................................................................................................................ = 0




If for some reason(crash) the file remains, after the command finishes it will block subsequent logons:

this is a tusc of the ftpd daemon, and as you can see, it's the same, it sleeps wainting for the file to disappear:

[19513] stat("/tcb/files/auth/j/jnj-t", 0x77ff61d0) ................................................................................................... = 0
[19513] nanosleep(0x77ff6238, NULL) ........................................................................................................................ = 0
[19513] stat("/tcb/files/auth/j/jnj-t", 0x77ff61d0) ................................................................................................... ERR#2 ENOENT
[19513] open("/tcb/files/auth/j/jnj", O_RDONLY, 0666) ................................................................................................. = 6
[19513] fcntl(6, F_SETFD, 1) ............................................................................................................................... = 0
Windows?, no thanks
cartman_2
Frequent Advisor

Re: Pam ftpd logon error HP-UX 11.11

ok, it's clear now