pam_authenticate only works when logged in as root
Tomas Mraz
tmraz at redhat.com
Tue Jun 28 19:30:19 UTC 2005
On Tue, 2005-06-28 at 10:48 -0700, Steven Bush wrote:
> We use pam_authenticate to authenticate users logging into our software
> product. On most systems, this has worked splendidly, however on one
> customer's installation, authentication only succeeds if the process
> calling pam_authenticate is running as root or else if the username being
> authenticated is the same as the process' UID.
> (Authentication Configuration):
> Use Shadow Passwords: *YES*
> Use MD5 Passwords: *YES*
> Use LDAP Authentication: no
> Use Kerberos 5: no
> Use SMB Authentication: no
>
> Any thoughts? Any suggestions where to look? I'm assuming it's some sort
> of file permission issue, but I can't figure out what it might be.
This is easy - you're using shadow passwords so you cannot authenticate
other users if the pam authentication doesn't run as root. The solution
is to either not use shadow passwords or to use some other kind of
authentication (LDAP, Kerberos5).
--
Tomas Mraz <tmraz at redhat.com>
More information about the Pam-list
mailing list