Symantec Privileged Access Management

  • 1.  After install CA PIM agent 12.8 SP1, linux regular users cannot login

    Posted Feb 26, 2018 01:14 PM
    Hi Gurus,
    Regular users cannot log in to the Linux server; only root can.
    Doing a diff command on the /etc/pam.d files password-auth-cm and system-auth-cm before and after the CA PIM agent installation, I see several lines that were inserted by CA PIM.
    auth       optional     pam_seos.so
    account    optional     pam_seos.so
    password   sufficient   pam_seos.so
    session    optional     pam_seos.so
    If I delete these lines, I again get access to the server, not only with the root user.
    Regards
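
The before/after comparison described in the post above, as an added example that is not part of the original thread and is not CA's own tooling: it parses two PAM files and reports where each newly inserted pam_seos.so line sits in its stack, since PAM evaluates modules in order. Both sample files are constructed, and the positions of the pam_seos.so lines in them are assumptions.

```python
import re

# Constructed sample (not from the thread): a system-auth-style stack before install.
BEFORE = """\
auth        sufficient    pam_unix.so try_first_pass
auth        required      pam_deny.so
account     required      pam_unix.so
password    requisite     pam_pwquality.so retry=3
password    sufficient    pam_unix.so sha512 shadow use_authtok
password    required      pam_deny.so
session     required      pam_unix.so
"""
# Constructed: the four pam_seos.so lines quoted in the post, at assumed positions.
AFTER = """\
auth        optional      pam_seos.so
auth        sufficient    pam_unix.so try_first_pass
auth        required      pam_deny.so
account     required      pam_unix.so
account     optional      pam_seos.so
password    sufficient    pam_seos.so
password    requisite     pam_pwquality.so retry=3
password    sufficient    pam_unix.so sha512 shadow use_authtok
password    required      pam_deny.so
session     required      pam_unix.so
session     optional      pam_seos.so
"""
# type, control (simple keyword or [bracketed] form), module, remaining arguments
LINE = re.compile(r"^(-?\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)$")

def parse_pam(text):
    """Return (type, control, module, args) tuples, skipping comments and blanks."""
    entries = []
    for raw in text.splitlines():
        m = LINE.match(raw.split("#", 1)[0].strip())
        if m:
            entries.append((m.group(1).lstrip("-"), m.group(2), m.group(3), m.group(4)))
    return entries

def inserted_entries(before, after, module="pam_seos.so"):
    """Report each `module` line present only in `after`, with its stack neighbours."""
    old, new = set(parse_pam(before)), parse_pam(after)
    report = []
    for mtype in ("auth", "account", "password", "session"):
        stack = [e for e in new if e[0] == mtype]
        names = [None] + [e[2] for e in stack] + [None]  # padded for neighbour lookup
        for i, e in enumerate(stack):
            if e[2] == module and e not in old:
                report.append({"type": mtype, "control": e[1], "position": i + 1,
                               "after": names[i], "before": names[i + 2]})
    return report
```

Running `inserted_entries` on the real saved copies of password-auth-cm and system-auth-cm shows which modules each inserted line precedes and follows, which is useful detail to attach to a support case.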


  • 2.  Re: After install CA PIM agent 12.8 SP1, linux regular users cannot login

    Broadcom Employee
    Posted Feb 26, 2018 02:02 PM

    Hi Sergio,

    Do you have SELinux enabled on the affected server? We have seen issues in the past where SELinux running concurrently with PIM can cause issues logging in. If it is enabled, I would suggest going to /opt/CA/AccessControl/lbin and running sshd_policy.sh to test if that resolves your issue.

    If that does not work, or if SELinux is not enabled on the server, then it is likely an issue with a rule in seosdb. After a user fails to log into the server, what does the seaudit output show?

    Thanks,

    Brian Rehder

    CA Support Engineer



  • 3.  Re: After install CA PIM agent 12.8 SP1, linux regular users cannot login

    Posted Feb 26, 2018 02:32 PM

    Thanks Brian, but no, SELinux is not enabled. The Linux servers (RHEL 7) have CIS L1 hardening applied.

    We do not have any rules enabled. Whether the CA PIM agent is running or not, we cannot log in.



  • 4.  Re: After install CA PIM agent 12.8 SP1, linux regular users cannot login
    Best Answer

    Broadcom Employee
    Posted Feb 27, 2018 04:37 PM

    The CIS L1 hardening is causing the issue with the PAM stack. Please open an issue so we can investigate the root cause. When you open the case, please include any documentation you used to perform the CIS L1 hardening. In addition, please use the command `ssh -v USER@SERVER` to perform a debug SSH connection to reproduce the issue; this way we can see where it is failing.



  • 5.  Re: After install CA PIM agent 12.8 SP1, linux regular users cannot login

    Posted Feb 27, 2018 04:49 PM

    Thanks Brian. I will open a case.