netatalk 2.0.4 breaks PAM?

Andrea Venturoli ml at netfence.it
Fri Feb 19 09:05:29 UTC 2010


On 07/25/09 22:34, Joe Marcus Clarke wrote:
> On Sat, 2009-07-25 at 18:54 +0200, Andrea Venturoli wrote:
>> Hello.
>> I'm using afpd on a 6.3/i386 and I make it authenticate to pam_smb.
>> Everything was fine with 2.0.3.
>>
>> As soon as I upgraded to 2.0.4, I started getting:
>>
>> Jul 13 09:28:38 xxxxx afpd[89271]: dhx login: yyyyyyy
>> Jul 13 09:28:38 xxxxx afpd[89271]: in openpam_load_module(): no
>> /usr/local/lib/pam_smb_auth.so found
>> Jul 13 09:28:38 xxxxx afpd[89271]: uams_dhx_pam.c :PAM: PAM_Error:
>> system error
>> Jul 13 09:28:38 xxxxx afpd[89271]: 0.18KB read, 0.12KB written
>>
>> I swear /usr/local/lib/pam_smb_auth.so is there and working, since many
>> other packages are using it the same way.
>
> This error means there was a problem loading the module.  This most
> likely means a symbol could not be resolved.  If you rebuild OpenPAM
> with -DOPENPAM_DEBUG, you will get more diagnostics as to exactly why
> this is failing to load.  To do that, add -DOPENPAM_DEBUG to the CFLAGS
> in /usr/src/lib/libpam/libpam/Makefile.

Sorry for taking seven months...
After an upgrade to 7.2, yesterday I tried once again to upgrade 
netatalk from 2.0.3 to 2.0.5.
Once again, I had the issue above with PAM.
I recompiled libpam with OPENPAM_DEBUG and I got this in the logs:

afpd[57952]: DHX2 login: XXXXXXX
afpd[57952]: DHX2: logincont2 alive!
afpd[57952]: in openpam_dynamic(): /usr/local/lib/pam_smb_auth.so.4: 
Cannot open "/usr/local/lib/pam_smb_auth.so.4"
afpd[57952]: in openpam_dynamic(): /usr/local/lib/pam_smb_auth.so: 
/usr/local/lib/pam_smb_auth.so: Undefined symbol "pam_get_item"
afpd[57952]: in openpam_load_module(): no dynamic 
/usr/local/lib/pam_smb_auth.so
afpd[57952]: in openpam_load_module(): no /usr/local/lib/pam_smb_auth.so 
found
afpd[57952]: DHX2: PAM_Error: system error
afpd[57952]: 0.51KB read, 0.38KB written

Users cannot login.



I reverted to 2.0.3 and everything is fine once again.
Notice that I still get the following:

afpd[30819]: dhx login: XXXXXXX
afpd[30819]: in openpam_dynamic(): /usr/local/lib/pam_smb_auth.so.4: 
Cannot open "/usr/local/lib/pam_smb_auth.so.4"
afpd[30819]: in openpam_dynamic(): /usr/local/lib/pam_smb_auth.so: 
pam_sm_acct_mgmt(): Undefined symbol "pam_sm_acct_mgmt"
afpd[30819]: in openpam_dynamic(): /usr/local/lib/pam_smb_auth.so: 
pam_sm_open_session(): Undefined symbol "pam_sm_open_session"
afpd[30819]: in openpam_dynamic(): /usr/local/lib/pam_smb_auth.so: 
pam_sm_close_session(): Undefined symbol "pam_sm_close_session"
afpd[30819]: in openpam_dynamic(): /usr/local/lib/pam_smb_auth.so: 
pam_sm_chauthtok(): Undefined symbol "pam_sm_chauthtok"
afpd[30819]: in openpam_load_module(): using dynamic 
/usr/local/lib/pam_smb_auth.so
afpd[30819]: in openpam_dynamic(): pam_login_access.so: 
pam_sm_authenticate(): Undefined symbol "pam_sm_authenticate"
afpd[30819]: in openpam_dynamic(): pam_login_access.so: 
pam_sm_setcred(): Undefined symbol "pam_sm_setcred"
afpd[30819]: in openpam_dynamic(): pam_login_access.so: 
pam_sm_open_session(): Undefined symbol "pam_sm_open_session"
afpd[30819]: in openpam_dynamic(): pam_login_access.so: 
pam_sm_close_session(): Undefined symbol "pam_sm_close_session"
afpd[30819]: in openpam_dynamic(): pam_login_access.so: 
pam_sm_chauthtok(): Undefined symbol "pam_sm_chauthtok"
afpd[30819]: in openpam_load_module(): using dynamic pam_login_access.so
afpd[30819]: in openpam_dynamic(): pam_unix.so: pam_sm_open_session(): 
Undefined symbol "pam_sm_open_session"
afpd[30819]: in openpam_dynamic(): pam_unix.so: pam_sm_close_session(): 
Undefined symbol "pam_sm_close_session"
afpd[30819]: in openpam_load_module(): using dynamic pam_unix.so
afpd[30819]: in openpam_load_module(): using dynamic pam_permit.so
afpd[30819]: in openpam_load_module(): using dynamic pam_permit.so
afpd[30819]: in pam_start(): pam_start("netatalk") succeeded
afpd[30819]: uams_dhx_pam.c :PAM: PAM Success
afpd[30819]: in pam_sm_acct_mgmt(): Got user: Xxxxxxx
afpd[30819]: in pam_sm_acct_mgmt(): Checking login.access for user 
Xxxxxxx from host xxxxxxxxxxxxxxxxxxxx
afpd[30819]: in pam_sm_acct_mgmt(): Got user: Xxxxxxx
afpd[30819]: in pam_sm_acct_mgmt(): Got login_cap
afpd[30819]: uams_dhx_pam.c :PAM: PAM Auth OK!
afpd[30819]: login xxxxxxx (uid 1040, gid 1000) AFP3.1


  bye & Thanks
	av.


More information about the freebsd-ports mailing list