PAM rules inside pam.d

Ivan Grover ivangrvr299 at gmail.com
Fri Feb 27 06:18:43 PST 2009


Hi,
I am sorry, my observation was wrong.

I debugged the problem; it looks strange. These are my findings:

I have my PAM rules for my service as

auth       required    /lib/security/pam_securetty.so
auth       required     pam_stack.so service=system-auth
auth       required     /lib/security/pam_nologin.so

The pam_unix module returns authentication failure from pam_unix.so from
pam_stack.so, hence the control reaches pam_nologin.so.

The same rules work well with telnet/ftp, but fail for my service.

I have checked the username and password passed to the PAM module by changing
the sources of pam_nologin.so; they are proper. I didn't have sources for
pam_unix, so I am not able to detect the exact problem.

My suspicion is that my application using my PAM service might have done some
fd leaks or have some other problem. But the max fds open by my application are
185, which is still below the max limit (OPEN_MAX).

Restarting the application resolves the problem and I am able to authenticate
the user.


Can anyone help me with what could be the problem?


Thanks and Best Regards,



On Wed, Feb 25, 2009 at 1:11 AM, Dag-Erling Smørgrav <des at des.no> wrote:

> Ivan Grover <ivangrvr299 at gmail.com> writes:
> > Now, after upgrading PAM modules (pam_unix.so, pam_stack.so..) and
> > library [...]
>
> Upgrading from what to what?
>
> Have you tried the standard debugging procedure?
>
> DES
> --
> Dag-Erling Smørgrav - des at des.no
>
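
An added example, not part of the original message or of PAM itself: a simplified Python model of the `auth` control flags applied to the three rules quoted above, showing how a failure under `required` is deferred so that pam_nologin.so still runs after pam_unix.so fails. The contents of system-auth, the service name `myservice` and the per-module outcomes are assumptions, since the post does not show them.

```python
# Simplified model of Linux-PAM "auth" control flags; it never calls libpam.
SERVICE = """\
auth       required    /lib/security/pam_securetty.so
auth       required     pam_stack.so service=system-auth
auth       required     /lib/security/pam_nologin.so
"""
# Constructed stand-in: the post does not show its system-auth file.
SYSTEM_AUTH = """\
auth       sufficient   pam_unix.so
auth       required     pam_deny.so
"""

def parse(text):
    """Yield (control, module basename, args) for each auth rule."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 3 and fields[0] == "auth":
            yield fields[1], fields[2].rsplit("/", 1)[-1], fields[3:]

def run_stack(name, stacks, outcomes, trace):
    """Return True if the stack grants auth; log each module run in trace."""
    failed = passed = False
    for control, module, args in parse(stacks[name]):
        if module == "pam_stack.so":      # recurse into the named service
            sub = dict(a.split("=", 1) for a in args)["service"]
            ok = run_stack(sub, stacks, outcomes, trace)
        else:
            ok = outcomes.get(module, True)
        trace.append((name, module, "ok" if ok else "fail"))
        if control == "requisite" and not ok:
            return False                  # fail now, skip the rest
        if control == "sufficient":
            if ok and not failed:
                return True               # succeed now, skip the rest
            continue                      # a sufficient failure is ignored
        if control in ("required", "requisite"):
            failed, passed = failed or not ok, passed or ok
    return passed and not failed          # required failure is deferred

def authenticate(outcomes, stacks=None):
    """Run the hypothetical 'myservice' stack with the given module outcomes."""
    stacks = stacks or {"myservice": SERVICE, "system-auth": SYSTEM_AUTH}
    trace = []
    outcomes = {"pam_deny.so": False, **outcomes}   # pam_deny always fails
    return run_stack("myservice", stacks, outcomes, trace), trace

if __name__ == "__main__":
    result, trace = authenticate({"pam_unix.so": False})
    for entry in trace:
        print(*entry)
    print("granted" if result else "denied")
```

With `requisite` in place of `required` on the pam_stack.so line, the same failure would end the stack before pam_nologin.so is called.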

