plugins wont start, in openpam_check_desc_owner_perms(): /etc/pam.d/su: insecure ownership or permis

[1968kevin]

freenas 9.2
athlon 64 2ghz
2 gb ram
2 1tb mirrored, ufs file system

i installed plex which runs fine, any additional plugins(couch potato, sabnzbd) will install but wont start i get the following in the jail message log:
Jan 8 16:45:39 sabnzbd_1 newsyslog[10265]: logfile first created Jan 8 16:45:39 sabnzbd_1 syslogd: kernel boot file is /boot/kernel/kernel Jan 8 16:45:39 sabnzbd_1 /usr/sbin/cron[10324]: _secure_path: /etc/login.conf is world writable Jan 8 16:45:39 sabnzbd_1 /usr/sbin/cron[10324]: login_getclass: unknown class 'daemon' Jan 8 16:45:39 sabnzbd_1 /usr/sbin/cron[10324]: _secure_path: /etc/login.conf is world writable Jan 8 16:45:39 sabnzbd_1 /usr/sbin/cron[10324]: login_getclass: unknown class 'daemon' Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: _secure_path: /etc/login.conf is world writable Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: login_getclass: unknown class 'daemon' Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: _secure_path: /etc/login.conf is world writable Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: login_getclass: unknown class 'daemon' Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: _secure_path: /etc/login.conf is world writable Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: login_getclass: unknown class 'daemon' Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: _secure_path: /etc/login.conf is world writable Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: login_getclass: unknown class 'daemon' Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: _secure_path: /etc/login.conf is world writable Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: login_getclass: unknown class 'daemon' Jan 8 16:45:54 sabnzbd_1 pw: _secure_path: /etc/login.conf is world writable Jan 8 16:46:36 sabnzbd_1 su: in openpam_check_desc_owner_perms(): /etc/pam.d/su: insecure ownership or permissions Jan 8 16:46:36 sabnzbd_1 su: pam_start: system error Jan 8 16:46:36 sabnzbd_1 root: /usr/local/etc/rc.d/sabnzbd: WARNING: failed to start sabnzbd

 

[FirstServer]

Kevin,

Sorry I can't help, but I can sympathize. I'm having the same problem (http://forums.freenas.org/threads/secure_path-and-login_getclass-erroar.17028/). Hopefully, the helpful folks on this forum can give us some help. Good luck.

 

[3dNater]

freenas 9.2
athlon 64 2ghz
2 gb ram
2 1tb mirrored, ufs file system

i installed plex which runs fine, any additional plugins(couch potato, sabnzbd) will install but wont start i get the following in the jail message log:
Jan 8 16:45:39 sabnzbd_1 newsyslog[10265]: logfile first created Jan 8 16:45:39 sabnzbd_1 syslogd: kernel boot file is /boot/kernel/kernel Jan 8 16:45:39 sabnzbd_1 /usr/sbin/cron[10324]: _secure_path: /etc/login.conf is world writable Jan 8 16:45:39 sabnzbd_1 /usr/sbin/cron[10324]: login_getclass: unknown class 'daemon' Jan 8 16:45:39 sabnzbd_1 /usr/sbin/cron[10324]: _secure_path: /etc/login.conf is world writable Jan 8 16:45:39 sabnzbd_1 /usr/sbin/cron[10324]: login_getclass: unknown class 'daemon' Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: _secure_path: /etc/login.conf is world writable Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: login_getclass: unknown class 'daemon' Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: _secure_path: /etc/login.conf is world writable Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: login_getclass: unknown class 'daemon' Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: _secure_path: /etc/login.conf is world writable Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: login_getclass: unknown class 'daemon' Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: _secure_path: /etc/login.conf is world writable Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: login_getclass: unknown class 'daemon' Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: _secure_path: /etc/login.conf is world writable Jan 8 16:45:40 sabnzbd_1 /usr/sbin/cron[10324]: login_getclass: unknown class 'daemon' Jan 8 16:45:54 sabnzbd_1 pw: _secure_path: /etc/login.conf is world writable Jan 8 16:46:36 sabnzbd_1 su: in openpam_check_desc_owner_perms(): /etc/pam.d/su: insecure ownership or permissions Jan 8 16:46:36 sabnzbd_1 su: pam_start: system error Jan 8 16:46:36 sabnzbd_1 root: /usr/local/etc/rc.d/sabnzbd: WARNING: failed to start sabnzbd

I'm running a nearly identical spec system except I am running 2 2tb mirrored on UFS. I just installed plex media server as well but it will not start. I am totally new to not only freenas but to unix as well so everything seems particularly daunting to me. I think I gained a super basic idea of what a jail is by googling it and came accross a write-up on the FreeBSD site. I don't understand how to mount storage correctly in terms of "source" and "destination." So far I have managed to get a windows file share working and mapped a network drive. I have done some port forwarding in my router to get FTP, HTTP, and Telnet working. I moved some media files over to the nas from my windows 7 machine hoping to be able to start letting my kids stream them on the roku. I seem to have caught a snag and do not know what I am doing wrong. Any help would be massively appreciated!

 

[cyberjock]

The Plugin system requires ZFS. That also means you need 8GB of RAM minimum.

 

[prime50]

I am having exact same problems and I do have ZFS setup. Here's my system specs:

Build FreeNAS-9.2.0-RELEASE-x64 (ab098f4)
Platform Intel(R) Xeon(R) CPU L5335 @ 2.00GHz
Memory 12266MB (ECC FBDIMM)
Five 2TB drives in RaidZ1

After the fresh installation of freenas 9.2 I was able to install the sabnzbd plugin from gui which also created the jail for it. The plugin worked fine for a few days until I rebooted the machine at which point I started seeing errors like the OP. After spending some time unsuccessfully debugging the issue, I installed the plugin again which created another jail with "sabnzbd_2" name and it again worked fine for few days until met with same set of errors. I have pasted my pluginjail/var/log/messages below.

Jan 9 17:05:00 sabnzbd_2 cron[42041]: _secure_path: /etc/login.conf is world writable
Jan 9 17:05:00 sabnzbd_2 cron[42041]: login_getclass: unknown class 'daemon'
Jan 9 17:05:00 sabnzbd_2 cron[42041]: _secure_path: /etc/login.conf is world writable
Jan 9 17:05:45 sabnzbd_2 su: in openpam_check_desc_owner_perms(): /etc/pam.d/su: insecure ownership or permissions
Jan 9 17:05:45 sabnzbd_2 su: pam_start: system error
Jan 9 17:05:45 sabnzbd_2 root: /usr/local/etc/rc.d/sabnzbd: WARNING: failed to start sabnzbd
Should also mention I have Plex and CouchPotato plugins running fine so not sure what is going on.
Thanks

 

[dlavigne]

Sounds like it is time for someone to submit a bug with the details and to post the issue number here.

 

[prime50]

I played around a bit more with this and seems like these errors has to do with the user permissions in certain folders of the jail. I changed the permission in /etc/pam.d/* and /usr/lib/* to 700 and now I can start the plugin. I remember changing user permissions recursively of my entire zfs volume which probably caused the the plugin to stop working after the reboot of the machine. hope it helps!

 

[AciidSn3ak3r]

Im currently going through this issue at the moment. I did try changing the permissions of pam.d to 700 but didn't make a difference.

 

[Alcros]

Im currently going through this issue at the moment. I did try changing the permissions of pam.d to 700 but didn't make a difference.

Hi,

700 didn't work for me either nor changing permissions for /usr/lib, but 755 applied to /etc/pam.d/* did the trick for me :)

 

[Supa]

Hi,

700 didn't work for me either nor changing permissions for /usr/lib, but 755 applied to /etc/pam.d/* did the trick for me :)

Still have this issue....

tried chmod 755 /etc/pam.d/*

 

[Supa]

This is what the error looks like:

I've ran the commands within each jail...

 

[thepin]

Hi Supa

Did you manage to fix this - I am having similar problem with Sickbeard!

Thanks

 

[Supa]

Hi Supa

Did you manage to fix this - I am having similar problem with Sickbeard!

Thanks

See here: https://bugs.freenas.org/issues/4283#change-15328 Must have been something with recursive permissions.

Not yet... tried removing my datasets and now having issues removing the jails...

 

[marcevan]

Turn the plugin off first. Then change permissions back to root/wheel recursively on the jail dataset and reboot.

 

[Gadget]

I did the same. Fresh n00b so this is what I did...So Delete, reinstall plugins

Updated by Jordan Hubbard about 1 month ago

Did you happen to recursively apply a permission change to the dataset (or entire pool) containing the jail datasets? We've seen this before when users stomp the permissions on their jails, and there's not much we can do about it except say "guys, don't DO that!" :)

 

[mrclint]

Hello,
I am a n00b and I got the same message as You. I tried several times to change the rights for the jail recursive in the webGUI and I tried the chmod 755 in both directories without success.

I did also try to delete the plugin and reinstall it but the jail memory was still there. Finally I deleted the Jail dataset and tried to reinstall the plugins but now I have another problem. Maybe my question is not correct in this thread but can someone help me. Was it something that was needed to be done before installing the plugins or was the jail dataset created when the first plugin was created?



Sent from my iPhone using Tapatalk

 

[nszceta]

I had a similar issue when I tried connecting to a jail in FreeNAS box using SSH.

I fixed my issue with a shell inside the jail using:

Code:

chown -R root:wheel /
chmod -R 755 /
chmod -R 700 /etc/ssh
chmod -R 700 /root/.ssh
service sshd restart

I also made sure to enable root login in

Code:

/etc/ssh/sshd_config

 

[mrclint]

I solved my problem by reinstalling FreeNAS and importing my datasets. I guess I had been trying around a lot with authorisations and plugins when I started to use FreeNAS.


Sent from my iPhone using Tapatalk

 

[906puuK0T]

Dear All,

I have FreeNAS 9.2 installed on USB-drive on the 775 soket PC, 4Gb RAM, UFS.
I had the same problem: PLEX plugin starts normally, transmission plugin doesn't. Messages on the monitor connected to my NAS PC looked pretty like shown below, when I was trying to start transmission plugin:

secure_path: /etc/login.conf is world writable
login_getclass: unknown class 'daemon'
secure_path: /etc/login.conf is world writable
transmission_1 su: in openpam_check_desc_owner_perms(): /etc/pam.d/su: insecure ownership or permissions
transmission_1 su: pam_start: system error

To resolve the problem I have tryed:
1. To change owner of the / to root:wheel and set 777 permissions recursively;
2. To set 755 permissions of the /usr/lib and /etc/pam.d. By the way, in order to change the permissions it is requred to mount / as write/read, otherwise it is impossible (nobody mentioned this item);
3. To reinstall FreeNAS.

All these items does not work in my case. However I finally resolved the problem:

I renamed pam.d in pam1.d in /etc and in /etc of transmission jail.
I belive that this is not right solution but it works in my case. Everything works properly after reboot of the NAS, plugins start automatically.
I suppose that there is a bug in FreeNAS or in transmission plugin, which will be fixed in the future versions.

I hope this information will be useful for someone.

 

[venkavis]

I am having the same problem after the recent 9.3 updates for the stable release.

Going to try the steps mentioned and get back to you all.