question about PAM in 9.2
BSDCS Lists
lists at bsdcs.com
Tue Oct 15 13:20:33 UTC 2013
On 10/15/2013 3:05 AM, Rainer Duffner wrote:
> Hi,
>
>
> we have been using pure-ftpd to authenticate via PAM from our
> ldap-server for some time (the ldap-server was built in 2006...).
>
>
> I've got the following in /etc/pam.d/pure-ftpd
>
> auth sufficient /usr/local/lib/pam_ldap.so
> auth required pam_nologin.so
> auth required pam_unix.so nullok
>
> account required pam_permit.so
>
> session required pam_permit.so
>
>
> This worked from probably FreeBSD 5.0 and before (longer than I've been
> at the company...) until 9.1, then, with the upgrade to 9.2, users can
> no longer login (LDAP or local does not matter).
> It has nothing to do with the versions of various ldap-related ports
> (at least not obviously), because the same set of packages does work
> with 9.1.
>
> Upon trying to login, this is in /var/log/messages:
>
> Oct 15 11:10:27 server1 pure-ftpd: in openpam_dispatch():
> pam_nologin.so: no pam_sm_setcred()
> Oct 15 11:10:27 server1 pure-ftpd: in openpam_check_error_code():
> pam_sm_setcred(): unexpected return value
> 4 Oct 15 11:10:30 server1 pure-ftpd: (?@127.0.0.1) [WARNING]
> Authentication failed for user [demo]
>
>
>
> Can anyone shed any light on this?
>
> What did change between 9.1 and 9.2?
Hello Rainer -
I found this when searching for:
"openpam_check_error_code():pam_sm_setcred(): unexpected return value 4"
http://www.blissfulidiot.com/2010/11/pam-ldap-error-unexpected-return-value.html
Randy Ricker
>
>
> Best Regards,
> Rainer
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
More information about the freebsd-stable
mailing list