trouble configuring pam using pam_ldap and pam_mount
Heiko Harders
harders at fmf.nl
Mon Jul 30 15:54:12 UTC 2007
Wilhelm Meier wrote:
>
> please show us the logs (add the debug option to every module
First the exact configuration I used, I added 'debug' to every line:
/etc/pam.d/common-account:
account required pam_unix.so debug
account sufficient pam_localuser.so debug
account required pam_ldap.so debug
/etc/pam.d/common-auth:
auth required pam_mount.so debug
auth sufficient pam_ldap.so use_first_pass debug
auth required pam_unix.so nullok_secure use_first_pass debug
/etc/pam.d/common-password:
password sufficient pam_ldap.so debug
password required pam_unix.so nullok obscure min=4 max=8 md5 debug
/etc/pam.d/common-session:
session optional pam_foreground.so debug
session [default=2 success=ignore] pam_succeed_if.so debug uid > 2000
session required pam_mount.so debug
session sufficient pam_ldap.so debug
session required pam_unix.so debug
/etc/pam.d/common-pammount: <empty>
Next, the logs (I'm not sure this is everything, it is everything I
could find in '/var/log/' but if there is another location I should
look, please tell me):
logged in as 'root' doing 'su heiko' (local user with uid 1000) and
after that directly 'exit':
/var/log/auth.log:
Jul 30 17:21:26 njord su[5758]: PAM unable to resolve symbol:
pam_sm_open_session
Jul 30 17:21:26 njord su[5758]: PAM unable to resolve symbol:
pam_sm_close_session
Jul 30 17:21:26 njord su[5758]: PAM unable to resolve symbol:
pam_sm_open_session
Jul 30 17:21:26 njord su[5758]: PAM unable to resolve symbol:
pam_sm_close_session
Jul 30 17:21:28 njord pam_localuser[5758]: checking
"root:x:0:0:root:/root:/bin/bash "
<snip>pam_localuser checking all lines in /etc/passwd</snip>
Jul 30 17:21:29 njord pam_localuser[5758]: checking
"heiko:x:1000:1000:Heiko Harders,,,:/home/heiko:/bin/bash "
Jul 30 17:21:29 njord su[5758]: Successful su for heiko by root
Jul 30 17:21:29 njord su[5758]: + pts/0 root:heiko
Jul 30 17:21:29 njord su[5758]: (pam_unix) session opened for user heiko
by (uid=0)
Jul 30 17:21:31 njord su[5758]: (pam_unix) session closed for user heiko
logged in as 'root' doing 'su tdummy' (LDAP user width uid 2002) and
after that directly 'exit':
/var/log/auth.log:
Jul 30 17:30:30 njord su[6192]: PAM unable to resolve symbol:
pam_sm_open_session
Jul 30 17:30:30 njord su[6192]: PAM unable to resolve symbol:
pam_sm_close_session
Jul 30 17:30:30 njord su[6192]: PAM unable to resolve symbol:
pam_sm_open_session
Jul 30 17:30:30 njord su[6192]: PAM unable to resolve symbol:
pam_sm_close_session
Jul 30 17:30:32 njord pam_localuser[6192]: checking
"root:x:0:0:root:/root:/bin/bash "
<snip>pam_localuser checking all lines in /etc/passwd</snip>
Jul 30 17:30:32 njord pam_localuser[6192]: checking
"heiko:x:1000:1000:Heiko Harders,,,:/home/heiko:/bin/bash "
Jul 30 17:30:32 njord pam_localuser[6192]: checking
"statd:x:110:65534::/var/lib/nfs:/bin/false "
Jul 30 17:30:32 njord su[6192]: Successful su for tdummy by root
Jul 30 17:30:32 njord su[6192]: + pts/0 root:tdummy
Jul 30 17:30:32 njord su[6192]: (pam_unix) session opened for user
tdummy by (uid=0)
Jul 30 17:32:20 njord su[6192]: (pam_unix) session closed for user tdummy
logged in as 'heiko' (local user, uid 1000) with graphical login (gdm,
gnome):
/var/log/auth.log:
Jul 30 17:37:23 njord pam_localuser[4994]: checking
"root:x:0:0:root:/root:/bin/bash "
<snip>pam_localuser checking all lines in /etc/passwd</snip>
Jul 30 17:37:23 njord pam_localuser[4994]: checking
"heiko:x:1000:1000:Heiko Harders,,,:/home/heiko:/bin/bash "
Jul 30 17:37:23 njord gdm[4994]: (pam_unix) session opened for user
heiko by (uid=0)
logged in as 'tdummy' (LDAP user, uid 2002) with graphical login (gdm,
gnome):
/var/log/auth.log:
Jul 30 17:37:05 njord pam_localuser[4994]: checking
"root:x:0:0:root:/root:/bin/bash "
<snip>pam_localuser checking all lines in /etc/passwd</snip>
Jul 30 17:37:05 njord pam_localuser[4994]: checking
"heiko:x:1000:1000:Heiko Harders,,,:/home/heiko:/bin/bash "
Jul 30 17:37:05 njord pam_localuser[4994]: checking
"statd:x:110:65534::/var/lib/nfs:/bin/false "
Jul 30 17:37:05 njord gdm[4994]: (pam_unix) session opened for user
tdummy by (uid=0)
More information about the Pam-list
mailing list