[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

PAM with GNU radius



 

    I am trying to set up a radius server (GNU radius) using PAM (krb5) for authentication. I am having problems doing radius auths since the account part fails. My pam file looks like:

 

auth        sufficient    /lib/security/pam_krb5.so use_authtok

auth        required      /lib/security/pam_deny.so

 

account    required     /lib/security/pam_permit.so

session    required     /lib/security/pam_permit.so

 

    When I do a radius auth the authentication goes through without a problem but then denies me with the error: “pam_krb5: unable to determine uid/gid for user” and then “pam_krb5: authentication fails for user”. Is there any way that I can completely bypass the account/session portion of PAM? Since all I am doing is using PAM for authentication and not authorization I don’t need the uid/gid information at all. I also tried

 

“account     [default=ignore success=ignore user_unknown=ignore service_err=ignore system_err=ignore] /lib/security/pam_unix.so”

 

and it did not help. Any ideas? Thanks,

 

David


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []