https://bugzilla.novell.com/show_bug.cgi?id=335521#c1 flo gleixner changed: What |Removed |Added ---------------------------------------------------------------------------- Component|Update Problems |Basesystem --- Comment #1 from flo gleixner 2007-10-28 08:39:33 MST --- Here debug messages if pam_krb5.so is "required": Oct 28 15:21:20 mamba login[23764]: pam_unix2(login:auth): pam_sm_authenticate() called Oct 28 15:21:20 mamba login[23764]: pam_unix2(login:auth): username=[flo] Oct 28 15:21:22 mamba login[23764]: pam_unix2(login:auth): wrong password, return PAM_AUTH_ERR Oct 28 15:21:22 mamba login[23764]: pam_krb5[23764]: authentication succeeds for 'flo' (flo@GOLDACH.TEST) Oct 28 15:21:22 mamba login[23764]: FAILED LOGIN 2 FROM /dev/tty2 FOR flo, Authentication failure Here debug messages if pam_krb5.so is sufficient: Oct 28 15:22:21 mamba login[23818]: pam_unix2(login:auth): pam_sm_authenticate() called Oct 28 15:22:21 mamba login[23818]: pam_unix2(login:auth): username=[flo] Oct 28 15:22:23 mamba login[23818]: pam_unix2(login:auth): wrong password, return PAM_AUTH_ERR Oct 28 15:22:23 mamba login[23818]: pam_krb5[23818]: authentication succeeds for 'flo' (flo@GOLDACH.TEST) Oct 28 15:22:23 mamba login[23818]: pam_unix2(login:setcred): pam_sm_setcred() called Oct 28 15:22:23 mamba login[23818]: pam_unix2(login:setcred): username=[flo] Oct 28 15:22:23 mamba login[23818]: pam_unix2(login:setcred): pam_sm_setcred: PAM_SUCCESS probably rather a pam or kerberos problem? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=335521 Michael Calmer changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=335521#c7 --- Comment #7 from flo gleixner 2007-11-12 13:09:37 MST --- Even if people using kerberos are skilled, it is a problem, that SuSEconfig continuously changes the pam config file by calling pam-config. This pam-config script writes the lines auth sufficient pam_unix2.so auth required pam_krb5.so use_first_pass auth required pam_deny.so which cause a succesful kerberos authentication fall through to pam_deny. Editing the file /etc/pam.d/common-auth is only fruitful until the next SuSEconfig (or yast2) call. Then you have to re-edit the file again. I think fixing the pam-config script and/or adding a switch "shall yast2 change pam config" would solve the problem. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=335521#c9 Michael Calmer changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |R.Escher@osram.de --- Comment #9 from Michael Calmer 2007-12-03 09:18:18 MST --- *** Bug 344236 has been marked as a duplicate of this bug. *** https://bugzilla.novell.com/show_bug.cgi?id=344236 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.