FreeBSD Mail Archives

Date:      Fri, 19 Feb 2010 10:05:21 +0100
From:      Andrea Venturoli <ml@netfence.it>
To:        Joe Marcus Clarke <marcus@FreeBSD.org>
Cc:        freebsd-ports@FreeBSD.org
Subject:   Re: netatalk 2.0.4 breaks PAM?
Message-ID:  <4B7E5451.2080908@netfence.it>
In-Reply-To: <1248554065.44222.17.camel@shumai.marcuscom.com>
References:  <4A6B38BE.2050405@netfence.it> <1248554065.44222.17.camel@shumai.marcuscom.com>

On 07/25/09 22:34, Joe Marcus Clarke wrote:
> On Sat, 2009-07-25 at 18:54 +0200, Andrea Venturoli wrote:
>> Hello.
>> I'm using afpd on a 6.3/i386 and I make it authenticate to pam_smb.
>> Everything was fine with 2.0.3.
>>
>> As soon as I upgraded to 2.0.4, I started getting:
>>
>> Jul 13 09:28:38 xxxxx afpd[89271]: dhx login: yyyyyyy
>> Jul 13 09:28:38 xxxxx afpd[89271]: in openpam_load_module(): no
>> /usr/local/lib/pam_smb_auth.so found
>> Jul 13 09:28:38 xxxxx afpd[89271]: uams_dhx_pam.c :PAM: PAM_Error:
>> system error
>> Jul 13 09:28:38 xxxxx afpd[89271]: 0.18KB read, 0.12KB written
>>
>> I swear /usr/local/lib/pam_smb_auth.so is there and working, since many
>> other packages are using it the same way.
>
> This error means there was a problem loading the module.  This most
> likely means a symbol could not be resolved.  If you rebuild OpenPAM
> with -DOPENPAM_DEBUG, you will get more diagnostics as to exactly why
> this is failing to load.  To do that, add -DOPENPAM_DEBUG to the CFLAGS
> in /usr/src/lib/libpam/libpam/Makefile.

Sorry for taking seven months...
After an upgrade to 7.2, yesterday I tried once again to upgrade 
netatalk from 2.0.3 to 2.0.5.
Once again, I had the issue above with PAM.
I recompiled libpam with OPENPAM_DEBUG and I got this in the logs:

afpd[57952]: DHX2 login: XXXXXXX
afpd[57952]: DHX2: logincont2 alive!
afpd[57952]: in openpam_dynamic(): /usr/local/lib/pam_smb_auth.so.4: 
Cannot open "/usr/local/lib/pam_smb_auth.so.4"
afpd[57952]: in openpam_dynamic(): /usr/local/lib/pam_smb_auth.so: 
/usr/local/lib/pam_smb_auth.so: Undefined symbol "pam_get_item"
afpd[57952]: in openpam_load_module(): no dynamic 
/usr/local/lib/pam_smb_auth.so
afpd[57952]: in openpam_load_module(): no /usr/local/lib/pam_smb_auth.so 
found
afpd[57952]: DHX2: PAM_Error: system error
afpd[57952]: 0.51KB read, 0.38KB written

Users cannot login.

I reverted to 2.0.3 and everything is fine once again.
Notice that I still get the following:

afpd[30819]: dhx login: XXXXXXX
afpd[30819]: in openpam_dynamic(): /usr/local/lib/pam_smb_auth.so.4: 
Cannot open "/usr/local/lib/pam_smb_auth.so.4"
afpd[30819]: in openpam_dynamic(): /usr/local/lib/pam_smb_auth.so: 
pam_sm_acct_mgmt(): Undefined symbol "pam_sm_acct_mgmt"
afpd[30819]: in openpam_dynamic(): /usr/local/lib/pam_smb_auth.so: 
pam_sm_open_session(): Undefined symbol "pam_sm_open_session"
afpd[30819]: in openpam_dynamic(): /usr/local/lib/pam_smb_auth.so: 
pam_sm_close_session(): Undefined symbol "pam_sm_close_session"
afpd[30819]: in openpam_dynamic(): /usr/local/lib/pam_smb_auth.so: 
pam_sm_chauthtok(): Undefined symbol "pam_sm_chauthtok"
afpd[30819]: in openpam_load_module(): using dynamic 
/usr/local/lib/pam_smb_auth.so
afpd[30819]: in openpam_dynamic(): pam_login_access.so: 
pam_sm_authenticate(): Undefined symbol "pam_sm_authenticate"
afpd[30819]: in openpam_dynamic(): pam_login_access.so: 
pam_sm_setcred(): Undefined symbol "pam_sm_setcred"
afpd[30819]: in openpam_dynamic(): pam_login_access.so: 
pam_sm_open_session(): Undefined symbol "pam_sm_open_session"
afpd[30819]: in openpam_dynamic(): pam_login_access.so: 
pam_sm_close_session(): Undefined symbol "pam_sm_close_session"
afpd[30819]: in openpam_dynamic(): pam_login_access.so: 
pam_sm_chauthtok(): Undefined symbol "pam_sm_chauthtok"
afpd[30819]: in openpam_load_module(): using dynamic pam_login_access.so
afpd[30819]: in openpam_dynamic(): pam_unix.so: pam_sm_open_session(): 
Undefined symbol "pam_sm_open_session"
afpd[30819]: in openpam_dynamic(): pam_unix.so: pam_sm_close_session(): 
Undefined symbol "pam_sm_close_session"
afpd[30819]: in openpam_load_module(): using dynamic pam_unix.so
afpd[30819]: in openpam_load_module(): using dynamic pam_permit.so
afpd[30819]: in openpam_load_module(): using dynamic pam_permit.so
afpd[30819]: in pam_start(): pam_start("netatalk") succeeded
afpd[30819]: uams_dhx_pam.c :PAM: PAM Success
afpd[30819]: in pam_sm_acct_mgmt(): Got user: Xxxxxxx
afpd[30819]: in pam_sm_acct_mgmt(): Checking login.access for user 
Xxxxxxx from host xxxxxxxxxxxxxxxxxxxx
afpd[30819]: in pam_sm_acct_mgmt(): Got user: Xxxxxxx
afpd[30819]: in pam_sm_acct_mgmt(): Got login_cap
afpd[30819]: uams_dhx_pam.c :PAM: PAM Auth OK!
afpd[30819]: login xxxxxxx (uid 1040, gid 1000) AFP3.1

  bye & Thanks
	av.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B7E5451.2080908>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation