Whats `/usr/sbin/unix_chkpwd root nullok` during the S3 backups

Jeeves_

Jeeves_

Member
Proxmox Subscriber
Jan 7, 2025
13
29
13
Ede, NL
www.tuxis.nl
Hi,

Playing around with S3 backups and I see a lot of `/usr/sbin/unix_chkpwd root nullok` scrolling by. What are they used for? It seems to be combined with S3 only?
 
  • Like
Reactions: Johannes S
Hi,
this does not ring a bell..

Can you please share further details, e.g. where you see these messages, what operations are performed when this happens?

Checked the systemd journal of one of my test instances and there I do see unix_chkpwd messages only in relation to authentication failures with the PBS API. But with e.g. password check failed for user (root)
 
I think I found it. This is a test-instance which authenticates as root@pam. It looks like every call reauthenticates against pam, which runs `/usr/sbin/unix_chkpwd root nullok` in turn.

Sounds that it could use some caching, but caching and authentication... :)
 
  • Like
Reactions: Johannes S
Jeeves_ said:
I think I found it. This is a test-instance which authenticates as root@pam. It looks like every call reauthenticates against pam, which runs `/usr/sbin/unix_chkpwd root nullok` in turn.
Click to expand...
Did you change the pam configuration, these messages do not show up here?

Jeeves_ said:
Sounds that it could use some caching, but caching and authentication... :)
Click to expand...
There already is user caching in place, e.g. see [0]. That's why I was wondering what operations are being performed when you see this.

Further, please note that you can use API tokens or PBS relam instead of pam authentication, if that is what you want.


[0] https://git.proxmox.com/?p=proxmox-...97c318efd69c69140c88bf58008f2dfcf;hb=HEAD#l91
 
You must log in or register to reply here.
Top Bottom