Closed jamshid closed 4 years ago
There are a few differences between 7 and 8 in the files under /etc/pam.d/
but they don't seem to affect this exception.
I looked for PAM-related changes in RHEL 8, not sure if this is related. https://www.simplylinuxfaq.com/p/major-differences-between-rhel-8-and-7.html
The securetty PAM module has been disabled by default and the '/etc/securetty' file has been removed from RHEL8.
Closing this as it turns out the problem is a bug or quirk in the official centos:8 image. It contains a file /var/run/nologin
that somehow breaks PAM authentication. Just remove the file in your Dockerfile.
FROM centos:8
...
# Fix centos:8 image bug/quirk that breaks PAM authentication: https://github.com/kohsuke/libpam4j/issues/25
RUN rm -f /var/run/nologin
...
The above java program succeeds once the file is gone. Will try to followup here if it's a bug in the image: https://github.com/CentOS/CentOS-Dockerfiles/issues/173
The libpam4j authenticate() function does not seem to work on the recently released CentOS/RHEL8, at least in a docker container.
See below to reproduce. Maybe some PAM configuration requires changes or something needs to be installed for the PAM functionality used by libpam4j to work on centos 8?