dlopen not able to open shared object file, even though it is existing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello pam-list members,

We had written a customized PAM authentication module (in C) named vauth.so to be used for sshd. We had changed the sshd file in /etc/pam.d to include the following line

authenticate sufficient vauth.so

We were able to have ssh session using PuTTY successfully. vauth.so gets called and authentication gets completed.

After this, we wanted to use some java components for our authentication through vauth.so. So, we used some JNI calls from the c code, and created vauth.so.

These were the commands used to create vauth.so (which is finally placed in /lib64/security)

gcc -fPIC -fno-stack-protector -I/usr/java/jdk1.7.0_07/include -I/usr/java/jdk1.7.0_07/include/linux -c vauth.c -L/usr/java/jdk1.7.0_07/jre/lib/amd64/server

ld -x --shared -o /lib64/security/vauth.so vauth.o /usr/java/jdk1.7.0_07/jre/lib/amd64/server/libjvm.so

We had also copied "libjvm.so" to /lib64/security.

Now, when we do an authentication using PuTTY, we see the following error.


Dec  6 11:23:10 localhost sshd[8605]: PAM unable to dlopen(/lib64/security/vauth.so): libjvm.so: cannot open shared object file: No such file or directory
Dec  6 11:23:10 localhost sshd[8605]: PAM adding faulty module: /lib64/security/vauth.so

We are not sure, why this problem occurs as libjvm.so in present in /lib64/security.


Following observation may be of some help:
We used an utility called PamTester to test pam modules - pamtester dot sourceforge dot net

results of  using pamtester as a non root user or not root user to test our pam module
With JNI (libjvm.so): If we run PamTester as a root user, we are able to authenticate. If we run PamTester as a normal user, then we saw segmentation fault (again this should be due to some access related issues).
Without JNI (no libjvm.so): If we run PamTester as a root user or non root user, we were able to execute and see the results.

Any help or guidance in resolving the issues will help.

With Thanks & Best Regards,
-Mohana Murali G

_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux