# Recent BSD advisories; freebsd-update breaks ssh login?



## frijsdijk (Dec 30, 2011)

Hi,

Yesterday I've been updating alot of our machines. I ran the update with pssh, something along these lines: 


```
pssh -h freebsd-update.hosts -l adminuser -x '-t' -i  'sudo freebsd-update fetch install'
```

Other than this error on some machines because /usr/src did not exist:


```
Stderr: install: ///usr/src/lib/libc/gen/libc_dlopen.c: No such file or directory
```

... which should not be a problem, all went fine.

After 77 hosts I noticed that to some hosts, I could not ssh to anymore. Via webmin installed on most machines, I could view logs and recover ssh login by turning of PAM, because I could see in /var/log/messages:


```
Dec 29 15:07:22 hostname sshd[21624]: in openpam_load_module(): no pam_unix.so found
```

Even logging in on the console via a KVM failed with:


```
Dec 30 03:17:15 hostname login: in openpam_load_module(): no pam_unix.so found
Dec 30 03:17:15 hostname login: pam_start(): system error
```

Later on I could see on the host:


```
# ldd /usr/lib/pam_unix.so
/usr/lib/pam_unix.so:
        libutil.so.7 => /lib/libutil.so.7 (0x2818d000)
        libcrypt.so.4 => /lib/libcrypt.so.4 (0x2819b000)
        libypclnt.so.3 => not found
        libpam.so.4 => /usr/lib/libpam.so.4 (0x281b8000)
        libc.so.7 => /lib/libc.so.7 (0x28083000)

# ls -l /usr/lib | grep libypclnt
-r--r--r--  1 root  wheel    23778 Dec 29 11:00 libypclnt.a
lrwxrwxrwx  1 root  wheel       14 Nov 24  2006 libypclnt.so -> libypclnt.so.2
-r--r--r--  1 root  wheel    14616 May  7  2006 libypclnt.so.2
```

So I:


```
# cd /usr/lib && ln -s libypclnt.so.2 libypclnt.so.3
```

.. and all was fine again.

Most hosts that failed in this situation were 7.4-RELEASE-psomething hosts, 32-bit.

Anyone else noticed this?


-- Frederique


----------



## SirDice (Dec 30, 2011)

libypclnt.so.2 is from FreeBSD 6.x, not 7.x.


----------



## frijsdijk (Dec 30, 2011)

Hey SirDice,

Could be, these machines live a long time already. But after freebsd-update it was broken. Any clues? Did I do something wrong?


----------



## frijsdijk (Dec 30, 2011)

Did freebsd-update mess up because in an earlier upgrade from 6.x to 7.x I didn't run *make delete-old-libs* or something?


----------

