Unable to dlopen pam_lastlog2

aheadofthekrauts · March 31, 2026, 2:06pm

Hi fedora community.

When i run dnf upgrade I get the following errors in my logs.

Mär 31 15:44:35 terence (systemd-stdio-bridge)[26220]: PAM unable to dlopen(/usr/lib64/security/pam_lastlog2.so): /usr/lib64/security/pam_lastlog2.so: undefined symbol: pam_syslog
Mär 31 15:44:35 terence (systemd-stdio-bridge)[26221]: PAM unable to dlopen(/usr/lib64/security/pam_lastlog2.so): /usr/lib64/security/pam_lastlog2.so: undefined symbol: pam_syslog
Mär 31 15:44:35 terence (systemd-stdio-bridge)[26220]: PAM adding faulty module: /usr/lib64/security/pam_lastlog2.so
Mär 31 15:44:35 terence (systemd-stdio-bridge)[26221]: PAM adding faulty module: /usr/lib64/security/pam_lastlog2.so
Mär 31 15:44:35 terence (systemd-stdio-bridge)[26224]: PAM unable to dlopen(/usr/lib64/security/pam_lastlog2.so): /usr/lib64/security/pam_lastlog2.so: undefined symbol: pam_syslog
Mär 31 15:44:35 terence (systemd-stdio-bridge)[26224]: PAM adding faulty module: /usr/lib64/security/pam_lastlog2.so
Mär 31 15:44:35 terence (systemd-stdio-bridge)[26223]: PAM unable to dlopen(/usr/lib64/security/pam_lastlog2.so): /usr/lib64/security/pam_lastlog2.so: undefined symbol: pam_syslog
Mär 31 15:44:35 terence (systemd-stdio-bridge)[26223]: PAM adding faulty module: /usr/lib64/security/pam_lastlog2.so

I’ve only found old discussions about the lastlog2 migration, but nothing else.

I didn’t find anything suspicious.

     │ File: /etc/authselect/postlogin
─────┼────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
   1 │ # Generated by authselect
   2 │ # Do not modify this file manually, use authselect instead. Any user changes will be overwritten.
   3 │ # You can stop authselect from managing your configuration by calling 'authselect opt-out'.
   4 │ # See authselect(8) for more details.
   5 │ 
   6 │ 
   7 │ 
   8 │ session     optional                   pam_umask.so silent
   9 │ session     [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet
  10 │ session     [default=1]                pam_lastlog2.so silent
  11 │ session     optional                   pam_lastlog2.so silent

> authselect current
Profile ID: local
Enabled features:
- with-silent-lastlog
- with-fingerprint
- with-mdns4

anotheruser · March 31, 2026, 5:03pm

pls file a bugreport https://bugzilla.redhat.com/

I see the same on my upgraded system. Can’t reproduce in a VM (installed sometime as f44 rawhide ) and a VM upgraded from f42 - f43 -f44.

aheadofthekrauts · March 31, 2026, 5:35pm

Thanks for confirmation.

Ticket is at 2453457 – Unable to dlopen pam_lastlog2 in case someone wants to follow.

anotheruser · March 31, 2026, 5:44pm

I checked again, those lines are not logged during every dnf session. I suppose that depends on what was installed.

Topic		Replies	Views
PAM Lastlog change crashing gdm Ask Fedora silverblue , atomic-desktops , f43	11	1885	November 3, 2025
Fscrypt_pam problem Ask Fedora	4	195	September 10, 2025
F43 Change Proposal: Migrate to lastlog2 (system-wide) Change Proposals fesco , f43	4	321	March 21, 2025
Fedora update broke pam_u2f two-factor login Ask Fedora f35 , gnome	4	1385	December 31, 2021
Unable to log in after last fedora 41 update Ask Fedora f41 , password	25	3020	December 3, 2024

Unable to dlopen pam_lastlog2

Related topics