- changed status to resolved
Monit pam support is broken in master
Issue #311
resolved
In centos 6 compiling master no longer links pam. It doesn't look into the correct directories and even if force lpam in Make file and ldd shows library linked to a binary monit still complains
/etc/monitrc:26: PAM is not supported 'allow' /etc/monitrc:26: PAM is not supported 'readonly'
However this is how result of config looks like
Monit Build Information:
Architecture: LINUX
SSL include directory: /usr/include
SSL library directory: /usr/lib64
Compiler flags: -Wno-address -Wno-pointer-sign -g -O2 -Wall -Wunused -Wno-unused-label -funsigned-char -D_GNU_SOURCE -std=c99 -D _REENTRANT -I/usr/include -I/usr/include
Linker flags: -lpthread -lcrypt -lresolv -lnsl -L/usr/lib64 -lssl -lcrypto -L/usr/lib64
pid file location: /var/run
Install directory: /usr/local
+------------------------------------------------------------+
| License: |
| This is Open Source Software and use is subject to the GNU |
| AFFERO GENERAL PUBLIC LICENSE version 3, available in this |
| distribution in the file COPYING. |
| |
| By continuing this installation process, you are bound by |
| the terms of this license agreement. If you do not agree |
| with the terms of this license, you must abort the |
| installation process at this point. |
+------------------------------------------------------------+
| Monit has been configured with the following options: |
| |
| PAM support: ENABLED |
| SSL support: ENABLED |
| Large files support: ENABLED |
| Optimized: DISABLED |
+------------------------------------------------------------+
Comments (11)
-
repo owner
-
reporter
I don't think it will fix it. I have pam-devel installed but it doesn't help. Config looks for pam headers in pam directory but development package installs them in include/security. Have you tried building it in centos 6?
-
repo owner
The problem was, the the success-action in AC_CHECK_LIB overrode the default action, without adding -lpam to LIBS. The fix just drops the setting of custom HAVE_PAM variable and uses the default HAVE_LIPAM, which is set by AC_CHECK_LIB.
I have tested the fix on CentOS 6.7.
-
reporter
I built it and it doesn't work
I had the same problem when I manually forced it to use -lpam and pointed it to the right headers in make file. I see that library is linked now but your code still think PAM is not supported. Because of this I cannot test other issues with LXC either.
/etc/init.d/monit start Starting monit: /etc/monitrc:26: PAM is not supported 'allow' /etc/monitrc:26: PAM is not supported 'readonly' [FAILED] [root@xbroker8-chi ~]# [root@xbroker8-chi ~]# [root@xbroker8-chi ~]# ldd monit ldd: ./monit: not regular file [root@xbroker8-chi ~]# cd /usr/bin/ [root@xbroker8-chi bin]# ldd monit linux-vdso.so.1 => (0x00007ffe699e3000) libm.so.6 => /lib64/libm.so.6 (0x00007ff359fe3000) libpam.so.0 => /lib64/libpam.so.0 (0x00007ff359dd5000) libpthread.so.0 => /lib64/libpthread.so.0 (0x00007ff359bb7000) libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007ff359980000) libresolv.so.2 => /lib64/libresolv.so.2 (0x00007ff359766000) libnsl.so.1 => /lib64/libnsl.so.1 (0x00007ff35954c000) libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007ff3592e0000) libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007ff358efd000) libc.so.6 => /lib64/libc.so.6 (0x00007ff358b68000) libaudit.so.1 => /lib64/libaudit.so.1 (0x00007ff358945000) libdl.so.2 => /lib64/libdl.so.2 (0x00007ff358741000) /lib64/ld-linux-x86-64.so.2 (0x00005629467b1000) libfreebl3.so => /lib64/libfreebl3.so (0x00007ff35853d000) libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007ff3582f9000) libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007ff358012000) libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007ff357e0d000) libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007ff357be1000) libz.so.1 => /lib64/libz.so.1 (0x00007ff3579cb000) libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007ff3577bf000) libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007ff3575bc000) libselinux.so.1 => /lib64/libselinux.so.1 (0x00007ff35739c000) [root@xbroker8-chi bin]# -
repo owner
It is necessary to run "./bootstrap" and "./configure" to set HAVE_LIBPAM and add -lpam to LIBS, just to make sure everything's clean, please try a new clone:
git clone git@bitbucket.org:tildeslash/monit.git --recursive ./bootstrap ./configure make -
reporter
It helped. Also looking into issue
#310(LXC), did you make any changes to master in addition to a special tar file? I built rpm after doing a fresh recursive clone and creating a distro. Now port tests are working and uptime shows up on the services. -
repo owner
creating rpm from fresh clone is fine - the referred special tar.gz is currently few changes past master, some fixes were added in the meantime (including PAM)
-
repo owner
regarding issue
#310... please can you post output of "monit status" from the test version? If the uptime is visible now and you can see the port connection status, the problem was fixed by switch from /proc/uptime to sysinfo() API (/proc/uptime problem seems to be specific to LXC) -
reporter
I have built the above mentioned rpm from master and not from test tarball. I will post results in
#310, it would be a right thing to do. -
repo owner
- changed version to 5.16
-
repo owner
- removed version
Removing version: 5.16 (automated comment)
- Log in to comment
fix Issue
#311→ <<cset a8848e3c8ec4>>