Bug 247620

Summary: cap_mkdb detects but does not stop reference loop errors in login.conf
Product: Base System Reporter: Mike Quin <mike>
Component: binAssignee: freebsd-bugs (Nobody) <bugs>
Status: New ---    
Severity: Affects Many People    
Priority: ---    
Version: 12.1-RELEASE   
Hardware: amd64   
OS: Any   

Description Mike Quin 2020-06-28 16:48:21 UTC
If a loop is created in /etc/login.conf, for example by including :tc=default: in the default class, cap_mkdb will issue a warning:

"cap_mkdb: potential reference loop detected"

but still write a non-usable database.

Once this has happened authentication attempts fail with "PAM account management error: Error in service module"