question about PAM in 9.2
Rainer Duffner
rainer at ultra-secure.de
Tue Oct 15 10:05:40 UTC 2013
Hi,
we have been using pure-ftpd to authenticate via PAM from our
ldap-server for some time (the ldap-server was built in 2006...).
I've got the following in /etc/pam.d/pure-ftpd
auth sufficient /usr/local/lib/pam_ldap.so
auth required pam_nologin.so
auth required pam_unix.so nullok
account required pam_permit.so
session required pam_permit.so
This worked from probably FreeBSD 5.0 and before (longer than I've been
at the company...) until 9.1, then, with the upgrade to 9.2, users can
no longer login (LDAP or local does not matter).
It has nothing to do with the versions of various ldap-related ports
(at least not obviously), because the same set of packages does work
with 9.1.
Upon trying to login, this is in /var/log/messages:
Oct 15 11:10:27 server1 pure-ftpd: in openpam_dispatch():
pam_nologin.so: no pam_sm_setcred()
Oct 15 11:10:27 server1 pure-ftpd: in openpam_check_error_code():
pam_sm_setcred(): unexpected return value
4 Oct 15 11:10:30 server1 pure-ftpd: (?@127.0.0.1) [WARNING]
Authentication failed for user [demo]
Can anyone shed any light on this?
What did change between 9.1 and 9.2?
Best Regards,
Rainer
More information about the freebsd-stable
mailing list