Re: Update to BETA1 can't login: pam_opie.so not found

In reply to: Nenhum_de_Nos: "Update to BETA1 can't login: pam_opie.so not found"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Zhenlei Huang <zlei_at_FreeBSD.org>
Date: Mon, 11 Sep 2023 01:08:21 UTC


> On Sep 10, 2023, at 1:40 PM, Nenhum_de_Nos <lojas@arroway.org> wrote:
> 
> Hi,
> 
> just updated my nanopi R5S to BETA1:
> 
> FreeBSD  14.0-BETA1 FreeBSD 14.0-BETA1 aarch64 1400097 #0
> releng/14.0-n265061-5e5854520ee6: Sat Sep  9 20:20:11 -03 2023    
> root@NanopiR5S-nvme:/usr/obj/usr/src-14/arm64.aarch64/sys/GENERIC.pfndb
> arm64
> 
> the config just has PF builtin.
> 
> git checkout releng/14.0 and the default make buildworld/make buildkernel;
> make installworld;make installkernel stuff.
> 
> No I can't login, ssh or locally. When locally by serial, I get the
> pam_opie.so not found. I read UPDATING on git for releng/14.0 and saw
> nothing about PAM. I can get to it by choosing single user on boot. I did
> a find for this module, and none are found.
> 
> I saw this:
> 
> /etc/pam.d/sshd:auth sufficient pam_opie.so  no_warn no_fake_prompts
> 
> Then I commented all lines for ssh, other and system files in /etc/pam.d.
> Now I can login again. Is this a expected behaviour?
> 
> My old kernel and world was:
> 
> FreeBSD NanopiR5S-nvme 14.0-CURRENT FreeBSD 14.0-CURRENT #0: Sun Jul 16
> 05:15:49 -03 2023
> root@NanopiR5S-nvme:/usr/obj/usr/src-main/arm64.aarch64/sys/GENERIC.pfndb
> a rm64
> 
> 
> Thanks,
> 
> matheus
> 
> 


OPIE is deprecated and has been removed from 14. See announcement [1].

So I think it is expected not to work.

CC the author @Dag-Erling

1. https://lists.freebsd.org/archives/freebsd-security/2022-September/000081.html

Best regards,
Zhenlei