My Oracle Support Banner

LINUX : SSH Session Crash due to PAM_GROUP_BUFLEN 1000 (Doc ID 2106464.1)

Last updated on JUNE 05, 2019

Applies to:

Oracle Exadata Storage Server Software - Version 12.1.2.1.0 to 12.1.2.3.0 [Release 12.1]
Linux x86-64

Symptoms

If you're using pam_group or pam_time and the corresponding config file (such as /etc/security/group.conf) has more than 1000 non-comment characters then processes using these modules will crash. This will typically mean you can't log in at all and you may need to comment out use of these modules from single user

This could for example happen when having a large AD group mapping to local groups /etc/security/group.conf.

When trying to connect over ssh the following message will be seen:

 

Changes

This occurs on Oracle Linux 6 with pam version 1.1.1-20.el6_7.1 (pam-1.1.1-20.el6_7.1.x86_64) and earlier. 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.