Bug 142820
| Summary: | pam nis/smb_auth no longer works after upgrading from fedora core 2 to 3 | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Dennis Wagelaar <dwagelaar> | ||||
| Component: | pam | Assignee: | Tomas Mraz <tmraz> | ||||
| Status: | CLOSED DUPLICATE | QA Contact: | |||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 3 | ||||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2006-02-21 19:07:41 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Created attachment 108518 [details]
/etc/pam.d/system-auth
What gives the command: getent passwd dwagelaa ? Gives: dwagelaa:x:500:500:Dennis Wagelaar:/home/dwagelaa:/bin/bash (The same on the working fc2 machine) As I suspected. The x shouldn't be there, rather anything else, F.E. *SP* like samba password, but anything else than x and *NP* should work. But if you rerun the authconfig it should help - it will add broken_shadow option to the account pam_unix line. *** This bug has been marked as a duplicate of 136760 *** Changed to 'CLOSED' state since 'RESOLVED' has been deprecated. |
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041111 Firefox/1.0 Description of problem: After upgrading a fedora core 2 system to fedora core 3, the pam nis/smb_auth login setup no longer worked. Normally, the system would retrieve the available user accounts via NIS and then do password authentication against a Samba server (pam_smb_auth). --- A local login fails with the following in /var/log/messages: Dec 14 15:32:55 infopc122 login(pam_unix)[4896]: check pass; user unknown Dec 14 15:32:55 infopc122 login(pam_unix)[4896]: authentication failure; logname=LOGIN uid=0 euid=0 tty=tty3 ruser= rhost= Dec 14 15:32:55 infopc122 login[4896]: Authentication service cannot retrieve authentication info. Dec 14 15:32:55 infopc122 init: open(/dev/pts/0): No such file or directory Also note that the login does not fail with "Login incorrect", but the message "Authentication service cannot retrieve authentication info" appears for a short moment, after which the screen refreshes. Another machine running fedora core 2 does work, and gives the following log messages on login in /var/log/messages: Dec 14 15:35:38 infopc123 login(pam_unix)[16125]: check pass; user unknown Dec 14 15:35:38 infopc123 login(pam_unix)[16125]: authentication failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost= Dec 14 15:35:39 infopc123 login(pam_unix)[16125]: session opened for user dwagelaa by LOGIN(uid=0) Dec 14 15:35:39 infopc123 -- dwagelaa[16125]: LOGIN ON tty1 BY dwagelaa --- An SSH login fails with the following in /var/log/messages: Dec 14 15:28:42 infopc122 sshd(pam_unix)[4870]: check pass; user unknown Dec 14 15:28:42 infopc122 sshd(pam_unix)[4870]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=infopc44.vub.ac.be ...and the following in /var/log/secure: Dec 14 15:28:42 infopc122 sshd[4870]: Failed password for dwagelaa from ::ffff:10.0.4.44 port 33775 ssh2 Another machine running fedora core 2 does work, and gives the following log messages on login in /var/log/messages: Dec 14 13:51:37 infopc123 sshd(pam_unix)[1751]: session opened for user dwagelaa by (uid=500) ...and the following in /var/log/secure: Dec 14 13:51:37 infopc123 sshd[1749]: pam_succeed_if: requirement "uid < 100" not met by user "dwagelaa" Dec 14 13:51:37 infopc123 sshd[1749]: Accepted publickey for dwagelaa from ::ffff:10.0.4.44 port 33599 ssh2 Version-Release number of selected component (if applicable): pam-0.77-65 How reproducible: Always Steps to Reproduce: 1. Log in locally, via gdm or ssh 2. 3. Actual Results: Login fails, see above for details. Expected Results: I should have been logged in. Additional info: