mod_auth_pam on solaris 10
Harald Falkenberg
harald.falkenberg at desy.de
Sat Jul 24 06:59:16 UTC 2010
Hello Jeff,
kinit works, also for those account which fail in mod_auth_pam.
Any other idea to investigate this problem?
Kind regards
Harald
On Fri, 23 Jul 2010, Jeff Saxton wrote:
> Can you "k I n I t" (stupid autocorrect)
> A short account?
>
> Harald Falkenberg <harald.falkenberg at desy.de> wrote:
>
>
> Hallo,
>
> I found this list on http://pam.sourceforge.net/mod_auth_pam/ and hope
> that somebody can help me in understanding the following problem.
>
> I migrated an web-site using apache server 1.3.41 with mod_auth_pam v. 1.1.1
> from a machine with solaris 8 (sparc) to a maschine with solaris 10
> (x86). In both cases I used the same software and just recompiled it.
>
> When running the web-site on solaris 10, I noticed that the mod_auth_pam
> module works fine as on solaris 8, but if the account name length is <= 4
> it fails. The httpd service is configured in pam.conf to check against a
> kerberos 5 server. - The same accounts, with account name length <= 4,
> can authenticate on the old solaris 8 server.
>
> I set pam in debugging mode and compared the function calls and return
> values of the accounts. In all cases the accounts seem to authenticate
> successfully.
>
> So I was looking for other restrictions or implementation differences
> between solaris 8 and solaris 10. The accounts I used for tests have in
> all cases valid passwords and are not expired.
>
> Does somebody have an idea on this list what might cause the strange
> behaviour with the account name length?
>
> regards
> Harald
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
>
More information about the Pam-list
mailing list