[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: strange errors from pam-krb5



On Thu, Nov 29, 2001 at 09:50:51AM -0500, Mitchell Baker wrote:
> Authenticating but NOT setting up credential cache
> Solaris 8
> OpenSSH_3.0.1p1
> MIT KRB5 1.2.2

> The pam.conf is the same on both and so is the sshd_config

> Do have the debug option on with the pam_krb5. Here is more of the logs.
> With logout...

> Nov 29 08:04:26 system sshd[880]: [ID 551190 auth.debug] pam_krb5: 
> pam_sm_authenticate(sshd mdbaker): entry:
> Nov 29 08:04:26 system sshd[880]: [ID 551190 auth.debug] pam_krb5: 
> pam_sm_authenticate(sshd mdbaker): exit: success
> Nov 29 08:04:26 system sshd[880]: [ID 248316 auth.debug] pam_krb5: 
> pam_sm_acct_mgmt(sshd mdbaker): entry:
> Nov 29 08:04:26 system sshd[880]: [ID 248316 auth.debug] pam_krb5: 
> pam_sm_acct_mgmt(sshd mdbaker): exit: success
> Nov 29 08:04:26 system sshd[880]: [ID 800047 auth.info] Accepted password 
> for mdbaker from xxx.xxx.xxx.xxx port 35740 ssh2
> Nov 29 08:04:26 system sshd[880]: [ID 843472 auth.debug] pam_krb5: 
> pam_sm_setcred(sshd mdbaker): entry:
> Nov 29 08:04:26 system sshd[880]: [ID 843472 auth.debug] pam_krb5: 
> pam_sm_setcred(sshd mdbaker): chown(): Not owner
> Nov 29 08:04:26 system sshd[880]: [ID 843472 auth.debug] pam_krb5: 
> pam_sm_setcred(sshd mdbaker): exit: failure
> Nov 29 08:04:26 system sshd[880]: [ID 833576 auth.debug] pam_setcred: error 
> Error in underlying service module
> Nov 29 08:04:26 system sshd[880]: [ID 993013 auth.debug] pam_sm_setcred(): 
> no module data
> Nov 29 08:04:44 system sshd[880]: [ID 833576 auth.debug] pam_setcred: error 
> Error in underlying service module
> Nov 29 08:04:44 system sshd[880]: [ID 833576 auth.debug] pam_setcred: error 
> Permission denied

Hmm.  Sounds like something has changed in OpenSSH 3.0.1p1 wrt the order
of setuid() and pam_setcred() calls.

Nico, is this our bug or theirs?

Steve Langasek
postmodern programmer





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []