Bug 142820 - pam nis/smb_auth no longer works after upgrading from fedora core 2 to 3
pam nis/smb_auth no longer works after upgrading from fedora core 2 to 3
Status: CLOSED DUPLICATE of bug 136760
Product: Fedora
Classification: Fedora
Component: pam (Show other bugs)
3
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Mraz
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-12-14 09:42 EST by Dennis Wagelaar
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-02-21 14:07:41 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
/etc/pam.d/system-auth (914 bytes, text/plain)
2004-12-14 09:47 EST, Dennis Wagelaar
no flags Details

  None (edit)
Description Dennis Wagelaar 2004-12-14 09:42:46 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041111 Firefox/1.0

Description of problem:
After upgrading a fedora core 2 system to fedora core 3, the pam
nis/smb_auth login setup no longer worked. Normally, the system would
retrieve the available user accounts via NIS and then do password
authentication against a Samba server (pam_smb_auth).

---

A local login fails with the following in /var/log/messages:
Dec 14 15:32:55 infopc122 login(pam_unix)[4896]: check pass; user unknown
Dec 14 15:32:55 infopc122 login(pam_unix)[4896]: authentication
failure; logname=LOGIN uid=0 euid=0 tty=tty3 ruser= rhost=
Dec 14 15:32:55 infopc122 login[4896]: Authentication service cannot
retrieve authentication info.
Dec 14 15:32:55 infopc122 init: open(/dev/pts/0): No such file or
directory

Also note that the login does not fail with "Login incorrect", but the
message "Authentication service cannot retrieve authentication info"
appears for a short moment, after which the screen refreshes.

Another machine running fedora core 2 does work, and gives the
following log messages on login in /var/log/messages:
Dec 14 15:35:38 infopc123 login(pam_unix)[16125]: check pass; user unknown
Dec 14 15:35:38 infopc123 login(pam_unix)[16125]: authentication
failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost=
Dec 14 15:35:39 infopc123 login(pam_unix)[16125]: session opened for
user dwagelaa by LOGIN(uid=0)
Dec 14 15:35:39 infopc123  -- dwagelaa[16125]: LOGIN ON tty1 BY dwagelaa

---

An SSH login fails with the following in /var/log/messages:
Dec 14 15:28:42 infopc122 sshd(pam_unix)[4870]: check pass; user unknown
Dec 14 15:28:42 infopc122 sshd(pam_unix)[4870]: authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=infopc44.vub.ac.be

...and the following in /var/log/secure:
Dec 14 15:28:42 infopc122 sshd[4870]: Failed password for dwagelaa
from ::ffff:10.0.4.44 port 33775 ssh2

Another machine running fedora core 2 does work, and gives the
following log messages on login in /var/log/messages:
Dec 14 13:51:37 infopc123 sshd(pam_unix)[1751]: session opened for
user dwagelaa by (uid=500)

...and the following in /var/log/secure:
Dec 14 13:51:37 infopc123 sshd[1749]: pam_succeed_if: requirement "uid
< 100" not met by user "dwagelaa"
Dec 14 13:51:37 infopc123 sshd[1749]: Accepted publickey for dwagelaa
from ::ffff:10.0.4.44 port 33599 ssh2


Version-Release number of selected component (if applicable):
pam-0.77-65

How reproducible:
Always

Steps to Reproduce:
1. Log in locally, via gdm or ssh
2.
3.
    

Actual Results:  Login fails, see above for details.

Expected Results:  I should have been logged in.

Additional info:
Comment 1 Dennis Wagelaar 2004-12-14 09:47:02 EST
Created attachment 108518 [details]
/etc/pam.d/system-auth
Comment 2 Tomas Mraz 2004-12-14 09:57:45 EST
What gives the command: getent passwd dwagelaa
?
Comment 3 Dennis Wagelaar 2004-12-14 10:04:23 EST
Gives:

dwagelaa:x:500:500:Dennis Wagelaar:/home/dwagelaa:/bin/bash

(The same on the working fc2 machine)
Comment 4 Tomas Mraz 2004-12-14 10:17:06 EST
As I suspected. The x shouldn't be there, rather anything else, F.E.
*SP* like samba password, but anything else than x and *NP* should work.

But if you rerun the authconfig it should help - it will add
broken_shadow option to the account pam_unix line.


*** This bug has been marked as a duplicate of 136760 ***
Comment 5 Red Hat Bugzilla 2006-02-21 14:07:41 EST
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.

Note You need to log in before you can comment on or make changes to this bug.