bin/66095: [pam] template_user is broken in pam_radius
des at FreeBSD.org
des at FreeBSD.org
Thu Feb 14 16:29:59 UTC 2008
Synopsis: [pam] template_user is broken in pam_radius
State-Changed-From-To: open->closed
State-Changed-By: des
State-Changed-When: Thu Feb 14 16:26:43 UTC 2008
State-Changed-Why:
This is actually a configuration error.
At the point where pam_radius submits an authentication request to the
server, it doesn't know (or care) whether the user exists in the local
user database. It doesn't make that check until after the user has been
authenticated by the radius server.
The only explanation for this is that the originator had something in
their PAM configuratin that rejected the authentication attempt before
it ever reached pam_radius. This could easily have been verified by
enabling debugging with the "debug" keyword in the appropriate PAM
stack.
http://www.freebsd.org/cgi/query-pr.cgi?pr=66095
More information about the freebsd-bugs
mailing list