Bug 198296 - Additional failed login entries via syslog for each successful ldap login
Status: CLOSED NEXTRELEASE
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: pam
Version: 4.0
Hardware: i386 Linux
Priority: medium
Severity: medium
Assigned To: Tomas Mraz
QA Contact: Jay Turner
Reported: 2006-07-10 17:07 EDT by Michael Romero
Modified: 2015-01-07 19:13 EST

Doc Type: Bug Fix
Last Closed: 2006-07-11 07:42:15 EDT
Description Michael Romero 2006-07-10 17:07:37 EDT
Description of problem:
I have my systems set up to authenticate via LDAP.  My problem is, I am 
receiving extra entries in my /var/log/messages for every successful ldap 
login.  A successful ldap login sequence looks something like this 
in /var/log/messages:
Jul 10 07:08:23 ihs-plab-01 unix_chkpwd[4214]: password check failed for user (romerom)
Jul 10 07:08:23 ihs-plab-01 sshd(pam_unix)[4211]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.37.58.122  user=romerom
Jul 10 07:08:24 ihs-plab-01 sshd(pam_unix)[4217]: session opened for user romerom by (uid=0)

I see only a few people grumbling about this out there via Google, but I'm kind 
of anal :)  One similar posting can be found here: 
http://archives.neohapsis.com/archives/pam-list/2005-03/0021.html
Version-Release number of selected component (if applicable):


How reproducible:
Every Time

Steps to Reproduce:
1.  Configure LDAP with a proper PosixAccount/ShadowAccount setup for Linux 
Systems Authentication
2.  authconfig --useshadow --enableshadow --usemd5 --enablemd5 --enableldapauth --ldapserver=<ldapip> --ldapbasedn="dc=example,dc=com" --enablecache --enablelocauthorize --kickstart
3.  Login successfully to your server as an LDAP user and tail /var/log/messages
  
Actual results:
Jul 10 07:08:23 ihs-plab-01 unix_chkpwd[4214]: password check failed for user (romerom)
Jul 10 07:08:23 ihs-plab-01 sshd(pam_unix)[4211]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.37.58.122  user=romerom
Jul 10 07:08:24 ihs-plab-01 sshd(pam_unix)[4217]: session opened for user romerom by (uid=0)

Expected results:
Jul 10 07:08:24 ihs-plab-01 sshd(pam_unix)[4217]: session opened for user romerom by (uid=0)

Additional info:
openldap-2.2.13-4
nss_ldap-226-10
compat-openldap-2.1.30-4
openldap-devel-2.2.13-4
pam_passwdqc-0.7.5-2
pam-0.77-66.14
pam-devel-0.77-66.14
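
For anyone alerting on pam_unix failures while the sequence reported above is present, one way to separate the extra entry from failures that no login follows, as an added example (not part of the original report and not PAM code). The `classify` name, the 5-second window and the last sample line are assumptions made here.

```python
import re
from datetime import datetime, timedelta

# First three lines are the sequence from the report; the last line is a
# constructed failure (user "alice", documentation address) with no login after it.
SAMPLE = """\
Jul 10 07:08:23 ihs-plab-01 unix_chkpwd[4214]: password check failed for user (romerom)
Jul 10 07:08:23 ihs-plab-01 sshd(pam_unix)[4211]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.37.58.122  user=romerom
Jul 10 07:08:24 ihs-plab-01 sshd(pam_unix)[4217]: session opened for user romerom by (uid=0)
Jul 10 07:09:02 ihs-plab-01 sshd(pam_unix)[4301]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.0.2.7  user=alice
"""

LINE = re.compile(r"^(\w{3} [ \d]\d \d\d:\d\d:\d\d) (\S+) (\S+)\(pam_unix\)\[\d+\]: (.*)$")
FAIL = re.compile(r"^authentication failure;.*\buser=(\S+)")
OPEN = re.compile(r"^session opened for user (\S+)")


def classify(text, window=timedelta(seconds=5), year=2006):
    """Split pam_unix failures into (shadowed, unexplained).

    A failure is "shadowed" when the same host/service/user opens a session
    within `window` afterwards. Each session explains at most one failure, so
    a run of failed guesses before a success still leaves failures to review.
    Lines are assumed to be in syslog (time) order.
    """
    pending = {}   # (host, service, user) -> failure times not yet explained
    shadowed = []
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # e.g. the unix_chkpwd line, which repeats the same event
        # syslog timestamps carry no year; `year` is supplied by the caller
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        host, service, msg = m.group(2), m.group(3), m.group(4)
        fail, opened = FAIL.match(msg), OPEN.match(msg)
        if fail:
            pending.setdefault((host, service, fail.group(1)), []).append(ts)
        elif opened:
            key = (host, service, opened.group(1))
            queue = pending.get(key, [])
            if queue and ts - queue[-1] <= window:
                shadowed.append((queue.pop(), key))
    unexplained = sorted((ts, key) for key, q in pending.items() for ts in q)
    return shadowed, unexplained


if __name__ == "__main__":
    shadowed, unexplained = classify(SAMPLE)
    print("shadowed by a successful login:", shadowed)
    print("still unexplained:", unexplained)
```
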
Comment 1 Tomas Mraz 2006-07-11 07:42:15 EDT
This problem will be resolved in the next release of Red Hat Enterprise Linux.
Red Hat does not currently plan to provide a resolution for this in a Red Hat
Enterprise Linux update for currently deployed systems.

With the goal of minimizing risk of change for deployed systems, and in response
to customer and partner requirements, Red Hat takes a conservative approach when
evaluating changes for inclusion in maintenance updates for currently deployed
products. The primary objectives of update releases are to enable new hardware
platform support and to resolve critical defects. 
Comment 2 Michael Romero 2006-07-11 14:30:37 EDT
Is there any chance I can get a beta version of the new rpm that I can run with 
in my environment? :)
Comment 3 Tomas Mraz 2006-07-11 15:26:30 EDT
You could theoretically rebuild a PAM source rpm from FC-5 and try it.
However, it is strictly unsupported and not recommended.
