Bug 173937 - User login (validated by LDAP) doesn't work
Summary: User login (validated by LDAP) doesn't work
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: nss_ldap   
(Show other bugs)
Version: rawhide
Hardware: x86_64
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact:
URL:
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-11-22 20:10 UTC by Horst H. von Brand
Modified: 2007-11-30 22:11 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-03-29 17:51:44 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Horst H. von Brand 2005-11-22 20:10:57 UTC
Description of problem:
Can't login to a user account managed via LDAP. LDAP server is Fedora Core 3.

Version-Release number of selected component (if applicable):
pam-0.80-14

How reproducible:
Always

Steps to Reproduce:
1. Try to login as user via gdm, or ssh, or directly on console; or "su - user"
from root
2.
3.
  
Actual results:
"su: incorrect password" (!) or some such
In /var/log/secure:
   Nov 22 17:04:38 quelen sshd[2953]: PAM unable to
dlopen(/lib/security/$ISA/pam_ldap.so)
   Nov 22 17:04:38 quelen sshd[2953]: PAM [dlerror: /usr/lib64/libldap-2.2.so.7:
undefined symbol: SSL_CTX_set_tmp_rsa_callback]
   Nov 22 17:04:38 quelen sshd[2953]: PAM adding faulty module:
/lib/security/$ISA/pam_ldap.so
 

Expected results:
Login...

Additional info:

Comment 1 Tomas Mraz 2005-11-23 09:14:40 UTC
That's weird, what 'ldd /usr/lib64/libldap-2.2.so.7' prints? 

Also what versions of the following packages do you have installed? openldap,
nss_ldap, openssl, authconfig.

You should also rerun authconfig to get rid of the /lib/security/$ISA paths in
/etc/pam.d/system-auth.


Comment 2 Horst H. von Brand 2005-11-23 20:59:06 UTC
Sorry, just updated the machine. It was totally up-to-date when I filed the
report, if it is of any use...

Login now works, but getting automount info via LDAP doesn't.

[root@quelen ~]# ldd /usr/lib64/libldap-2.2.so.7
        liblber-2.3.so.0 => /usr/lib64/liblber-2.3.so.0 (0x00002aaaaabe2000)
        libresolv.so.2 => /lib64/libresolv.so.2 (0x00002aaaaad0d000)
        libc.so.6 => /lib64/libc.so.6 (0x00002aaaaae22000)
        /lib64/ld-linux-x86-64.so.2 (0x0000555555554000)

openldap-2.3.11-3
openldap-2.3.11-3
nss_ldap-244-2
openssl-0.9.8a-3
openssl-0.9.8a-3
authconfig-5.0.3-1

(Yes, there are pieces hanging on to i386 binaries...)

Ran "authconfig --update", $ISA is now gone. Login still works, no automount of
$HOME (after restarting autofs).

Comment 3 Horst H. von Brand 2006-03-29 17:51:44 UTC
Automount info now works, but there have been several changes surrounding this
machine, can't say exactly when/why it works again.

Sorry for the noise.


Note You need to log in before you can comment on or make changes to this bug.