I have the following problem: adding a login account, deleting it, adding the same name again will lock the user name out with the above message. After deleting it, I made sure that the user home directory is gone, the entries in /etc/passwd, group and shadow for this user are gone. Then, when I add the same user name again, I cannot use the graphical logon window - I geht the "Xsession: login for <user> is disabled" - message box prompting me to click "OK" - Bs - it's not OK!!! I think there is somewhere an entry remaining in some auth database and the authentication fails. My syslog entry: Jun 29 01:27:50 munich PAM-unix2[18442]: session started for user sam2, service xdm Jun 29 01:28:00 munich PAM-unix2[18442]: session finished for user sam2, service xdm the /etc/pam.d/xdm has: #%PAM-1.0 auth required /lib/security/pam_unix.so nullok #set_secrpc account required /lib/security/pam_unix.so password required /lib/security/pam_unix.so #strict=false session required /lib/security/pam_unix.so debug # trace or none and I suspect that the session somehow fails. But I have no clue where the user information is kept in PAM. It is on SuSE 6.4 Samartha
You wrote:
adding a login account, deleting it, adding the same name again will lock the user name out with the above message.
Probably it's nscd: NAME /usr/sbin/nscd - name service cache daemon [...] Nscd provides cacheing for the passwd(5), group(5) and hosts(5) databases through standard libc interfaces, such as getpwnam(3), getpwuid(3), getgrnam(3), getgrgid(3), gethostbyname(3) and others. Each cache has a separate TTL [...] have a look at /etc/nscd.conf -- | Jürgen Dollinger Uni Ulm zeitnot@irc http://www.home.pages.de/~zeitnot/ | \ "What're quantum mechanics?" -- "I don't know. People who / \ repair quantums, I suppose." (Terry Pratchett, Eric) /
Hello, I checked into it - the /etc/nscd.conf has times between 10 and 3600 - I assume seconds which would be up to one hour and it's way beyond that by now. I killed the nscd - tried it again - still same result. Also - I rebooted the disk several times - which should flush the nscd out within that timeframe. I still strongly suspect it is PAM taking it's info from a place it should not or the place should be updated.. thanks anyway, Samartha At 05:08 PM 6/29/00 +0200, you wrote:
You wrote:
adding a login account, deleting it, adding the same name again will lock the user name out with the above message.
Probably it's nscd: NAME /usr/sbin/nscd - name service cache daemon [...] Nscd provides cacheing for the passwd(5), group(5) and hosts(5) databases through standard libc interfaces, such as getpwnam(3), getpwuid(3), getgrnam(3), getgrgid(3), gethostbyname(3) and others. Each cache has a separate TTL [...]
have a look at /etc/nscd.conf -- | Jürgen Dollinger Uni Ulm zeitnot@irc http://www.home.pages.de/~zeitnot/ | \ "What're quantum mechanics?" -- "I don't know. People who / \ repair quantums, I suppose." (Terry Pratchett, Eric) /
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
participants (2)
-
Juergen Dollinger -
samarthax@pobox.com