[Bug 223784] New: pam authentification against ldap doesn't work
https://bugzilla.novell.com/show_bug.cgi?id=223784 Summary: pam authentification against ldap doesn't work Product: openSUSE 10.2 Version: RC 1 Platform: 32bit OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: marvin24@gmx.de QAContact: qa@suse.de hi, in RC1 (and also beta2) pam authentification against a ldap server (openldap/suse 10.1) stopped working. I use the "use_ldap" mechanism in pam_unix2.conf. This is an upgraded system (from 10.1). When I copy the pam_unix2.so from a suse 10.1 system to /lib/security everything works again. Some debugging shows, that pam gets the account infos (via getent passwd) but not the password data. 10.1 ask the server for posixAccount data, while 10.2 asks for shadowAccount data. Unsure if this is a bug or a feature... thanks Marc -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=223784 ------- Comment #1 from kukuk@novell.com 2006-11-27 12:12 MST ------- /etc/security/pam_unix2.conf does not exist on 10.2, neither is "use_ldap" official support. Both are not even mentioned in the pam_unix2 documentation. Please use YaST2 to configure your system. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=223784 mhorvath@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |marvin24@gmx.de ------- Comment #2 from mhorvath@novell.com 2006-11-27 13:51 MST ------- Please report us if the yast managed configuration works. Thank you. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=223784 marvin24@gmx.de changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED Info Provider|marvin24@gmx.de | ------- Comment #3 from marvin24@gmx.de 2006-11-28 01:07 MST ------- "/etc/security/pam_unix2.conf does not exist on 10.2, neither is "use_ldap" official support. Both are not even mentioned in the pam_unix2 documentation. Please use YaST2 to configure your system." ok - that must be a leftover from the older version. This should have been converted during an upgrade. Why we are at it: if I remember correctly, the upgrade created the files /etc/pam.d/common-*-pc (which is also what yast does when doing a manual switch to ldap). These files look correct, but are never included as far as I can see. When overwriting the common-* with these files, everythings seems to work ok. I would expect that the common-*-pc files to be named common-*.rpmnew or common-*.SuSEconfig, so an admin can find them quickly. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=223784 chrubis@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team- |mc@novell.com |screening@forge.provo.novell| |.com | Status|ASSIGNED |NEW -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=223784 mc@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |marvin24@gmx.de ------- Comment #4 from mc@novell.com 2006-11-28 08:11 MST ------- When I uderstand you correct you made an update from 10.1(?) to 10.2(Beta2/RC1). After the update auth against ldap does not work anymore? If this is correct, we can try to find out what's going wrong if you would attache /var/log/YaST2/y2logRPM . -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=223784 marvin24@gmx.de changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED ------- Comment #5 from marvin24@gmx.de 2006-11-28 09:31 MST ------- Created an attachment (id=107240) --> (https://bugzilla.novell.com/attachment.cgi?id=107240&action=view) y2logRPM from installation -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=223784 ------- Comment #6 from marvin24@gmx.de 2006-11-28 09:32 MST ------- your are correct and log is attached. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=223784 mc@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED ------- Comment #7 from mc@novell.com 2006-11-29 07:45 MST ------- I have tested your scenario and with the current version of openSUSE 10.2 it works correctly. I think that an early version of 10.2(AlphaX or BetaX) break something in your system but now it seems to be fixed. So i declare this Bug as fixed. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
participants (1)
-
bugzilla_noreply@novell.com