[<prev] [next>] [day] [month] [year] [list]
Message-ID: <7f30c4c70707091258v12bed301ide0636950a01db86@mail.gmail.com>
Date: Mon, 9 Jul 2007 14:58:23 -0500
From: "hackmiester (Hunter Fuller)" <hackmiester@...kmiester.com>
To: linux-kernel@...r.kernel.org
Cc: inaki@...ximeth.org
Subject: PAM LDAP auth issue, but only on some apps...???
Check this out.
[hack@...ka pam.d]$ sudo -u hfuller echo "testing"
Password:
testing
So I can run commands as an LDAP user hfuller, using sudo.
But!
[hack@...ka pam.d]$ su hfuller
Password:
[hack@...ka pam.d]$
If I try to su to the user, it doesn't work, and it doesn't even error out. And:
Jul 9 10:46:39 asuka su(pam_unix)[13051]: session opened for user
hfuller by (uid=0)
Jul 9 10:46:39 asuka su(pam_unix)[13051]: session closed for user hfuller
A session is opened for my user but then immediately closed. And this
is the error ssh throws:
Jul 9 11:59:18 asuka sshd2[13466]: Remote host disconnected:
Authentication method disabled. (user 'hfuller', client address '1
27.0.0.1:48784', requested service 'ssh-connection')
Jul 9 11:59:18 asuka sshd2[13466]: User authentication failed:
'Authentication method disabled. (user 'hfuller', client address
'127.0.0.1:48784', requested service 'ssh-connection')'
If I try to ssh to localhost using the login hfuller.
If you know stuff about LDAP logins you might be thinking "His LDAP is
broken when using PAM but not NSS."
But here is this test program I was given, that uses PAM libraries...
[hack@...ka pam.d]$ ~hack/check_user
login: hfuller
Password:
PAM said: Success
What?!
Any ideas? This is one of the most confusing problems I've ever had.
--
-hackmiester
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists