From owner-freebsd-questions@FreeBSD.ORG Wed Aug 10 22:28:23 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A8C3A16A41F for ; Wed, 10 Aug 2005 22:28:23 +0000 (GMT) (envelope-from smalone@udallas.edu) Received: from mail.udallas.edu (mail.udallas.edu [192.91.253.73]) by mx1.FreeBSD.org (Postfix) with SMTP id 33CAA43D46 for ; Wed, 10 Aug 2005 22:28:23 +0000 (GMT) (envelope-from smalone@udallas.edu) Received: (qmail 1235 invoked from network); 10 Aug 2005 22:30:48 -0000 Received: from unknown (HELO ?10.3.20.101?) (10.3.20.101) by 0 with SMTP; 10 Aug 2005 22:30:48 -0000 Message-ID: <42FA7F82.4090406@udallas.edu> Date: Wed, 10 Aug 2005 17:28:18 -0500 From: "Sean P. Malone" User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: FreeBSD Questions Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit Subject: Problem w/ =?windows-1252?q?PAM=85?= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: smalone@udallas.edu List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Aug 2005 22:28:23 -0000 …and the problem is evidently me! Okay. I was messing around with pam_radius in and attempt to authenticate POP requests off of our existing Active Directory. Although I was able to get SSH to authenticate off of AD, I never could get POP. Today I finally realized that our checkpasswd program can ONLY valid off of the local user DB – we use qmail. That made sense so I decided to ditch pam_radius. In my eagerness to get rid of it and move on, I believe that I’ve delete a file(s) from /user/lib. Namely, pam_radius.s0 and pam_radius.s02 (from memory). If it is true that the absence of these original files is causing my problem, I really need to somehow restore PAM. It seems that I have a “fail open” situation here. I can ssh to the host and get a shell without entering a password. Luckily, one cannot ssh in as root, but one can first ssh in as them self (w/o being asked a password) and then su right into root – yes, w/o a password! I’m novice enough to blame myself right off the bat for moving to fast. Thus, I’ve pulled the system off the network and am hoping that I can somehow restore PAM w/o a reinstall. The system is still non-production so, sigh, there is no backup. :( Does anyone know if I can fix PAM? FreeBSD v5.3 Thanks! Sean