[K12OSN] Problems with ldap-based accounts and xdm (fedora core 2)

Jeff Davis jdavis at standard.k12.ca.us
Fri Jul 2 15:32:06 UTC 2004


Hi,

Got my Samba PDC up and running, using the smbldap-tools set of 
scripts.  Everything seems fine until I try to log into an X session via 
xdm.  It thinks for a few moments and then pukes out the following:

/etc/X11/gdm/PreSession/Default: Registering your session with wtmp and utmp
/etc/X11/gdm/PreSession/Default: running: /usr/bin/X11/sessreg -a -w 
/var/log/wtmp -u /var/run/utmp -x "/var/gdm/:0.Xservers" -h "" -l ":0" 
"test1"
/etc/X11/xdm/Xsession: line 140: /usr/bin/ssh-agent 
/etc/X11/xinit/Xclients: No such file or directory
/etc/X11/xdm/Xsession: line 140: exec: /usr/bin/ssh-agent 
/etc/X11/xinit/Xclients: cannot execute: No such file or directory

Logging as user test1, i find I have permissions to execute, so I'm not 
sure what xdm's trip is...

Local machine accounts do not seem to experience this.  My suspicion is 
that this may be a pam problem.  My pam system-auth is as follows:

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        sufficient    /lib/security/$ISA/pam_ldap.so use_first_pass
auth        required      /lib/security/$ISA/pam_deny.so

account     sufficient    /lib/security/$ISA/pam_succeed_if.so uid < 100
account     required      /lib/security/$ISA/pam_unix.so
account     sufficient    /lib/security/$ISA/pam_ldap.so

password    requisite     /lib/security/$ISA/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/$ISA/pam_unix.so nullok 
use_authtok md5 shadow
password    sufficient    /lib/security/$ISA/pam_ldap.so use_authtok
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so
session     optional      /lib/security/$ISA/pam_ldap.so

I can send additional conf file content (nssswitch, slapd, ldap (/etc & 
/etc/openldap), and whatever else.  I'm kinda stumped.

Thanks,

-Jeff

-- 
Jefferson K. Davis
Technology and Information Systems Manager
Standard School District
1200 North Chester Ave
Bakersfield, CA 93308
USA
661-392-2110 ext 120





More information about the K12OSN mailing list