Check this out.
[[email protected] pam.d]$ sudo -u hfuller echo "testing"
So I can run commands as an LDAP user hfuller, using sudo.
[hac[email protected] pam.d]$ su hfuller
[[email protected] pam.d]$
If I try to su to the user, it doesn't work, and it doesn't even error out. And:
Jul 9 10:46:39 asuka su(pam_unix): session opened for user
hfuller by (uid=0)
Jul 9 10:46:39 asuka su(pam_unix): session closed for user hfuller
A session is opened for my user but then immediately closed. And this
is the error ssh throws:
Jul 9 11:59:18 asuka sshd2: Remote host disconnected:
Authentication method disabled. (user 'hfuller', client address '1
188.8.131.52:48784', requested service 'ssh-connection')
Jul 9 11:59:18 asuka sshd2: User authentication failed:
'Authentication method disabled. (user 'hfuller', client address
'127.0.0.1:48784', requested service 'ssh-connection')'
If I try to ssh to localhost using the login hfuller.
If you know stuff about LDAP logins you might be thinking "His LDAP is
broken when using PAM but not NSS."
But here is this test program I was given, that uses PAM libraries...
[[email protected] pam.d]$ ~hack/check_user
PAM said: Success
Any ideas? This is one of the most confusing problems I've ever had.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Video 4 Linux]
[Linux for the blind]