Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 15 Oct 2013 06:19:31 -0700
From:      BSDCS Lists <lists@bsdcs.com>
To:        Rainer Duffner <rainer@ultra-secure.de>
Cc:        freebsd-stable@FreeBSD.org
Subject:   Re: question about PAM in 9.2
Message-ID:  <525D40E3.5010909@bsdcs.com>
In-Reply-To: <20131015120529.0fdb56c2@suse3>
References:  <20131015120529.0fdb56c2@suse3>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 10/15/2013 3:05 AM, Rainer Duffner wrote:
> Hi,
>
>
> we have been using pure-ftpd to authenticate via PAM from our
> ldap-server for some time (the ldap-server was built in 2006...).
>
>
> I've got the following in /etc/pam.d/pure-ftpd
>
> auth    sufficient      /usr/local/lib/pam_ldap.so
> auth    required        pam_nologin.so
> auth    required        pam_unix.so     nullok
>
> account required        pam_permit.so
>
> session required        pam_permit.so
>
>
> This worked from probably FreeBSD 5.0 and before (longer than I've been
> at the company...) until 9.1, then, with the upgrade to 9.2, users can
> no longer login (LDAP or local does not matter).
> It has nothing to do with the versions of various ldap-related ports
> (at least not obviously), because the same set of packages does work
> with 9.1.
>
> Upon trying to login, this is in /var/log/messages:
>
> Oct 15 11:10:27 server1 pure-ftpd: in openpam_dispatch():
> pam_nologin.so: no pam_sm_setcred()
> Oct 15 11:10:27 server1 pure-ftpd: in openpam_check_error_code():
> pam_sm_setcred(): unexpected return value
> 4 Oct 15 11:10:30 server1 pure-ftpd: (?@127.0.0.1) [WARNING]
> Authentication failed for user [demo]
>
>
>
> Can anyone shed any light on this?
>
> What did change between 9.1 and 9.2?
Hello Rainer -

I found this when searching for: 
"openpam_check_error_code():pam_sm_setcred(): unexpected return value 4"

http://www.blissfulidiot.com/2010/11/pam-ldap-error-unexpected-return-value.html

Randy Ricker
>
>
> Best Regards,
> Rainer
> _______________________________________________
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?525D40E3.5010909>