From owner-freebsd-hackers Fri Jun 23 4:56:36 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from huron.dnepr.net.ua (huron.dnepr.net.ua [195.248.180.242]) by hub.freebsd.org (Postfix) with ESMTP id CB87937B9DC; Fri, 23 Jun 2000 04:56:22 -0700 (PDT) (envelope-from white@onyx.extra.dp.ua) Received: from onyx.extra.dp.ua (mttye.dnepr.net.ua [195.248.180.80]) by huron.dnepr.net.ua (8.10.1/8.10.1g/) with ESMTP id e5NBx1w52267; Fri, 23 Jun 2000 14:59:02 +0300 (EEST) Received: (from white@localhost) by onyx.extra.dp.ua (8.10.0/8.10.0/Who.Cares) id e5NBu4u10029; Fri, 23 Jun 2000 14:56:04 +0300 (EET DST) Date: Fri, 23 Jun 2000 14:56:04 +0300 From: Alexander Prohorenko To: Ingo Luetkebohle Cc: freebsd-hackers@freebsd.org, freebsd-questions@freebsd.org Subject: Re: Apache with PAM/RADIUS authentication Message-ID: <20000623145604.A9106@extra.dp.ua> References: <20000623115743.A5030@extra.dp.ua> <20000623130414.A18525@devconsult.de> Mime-Version: 1.0 Content-Type: text/plain; charset=KOI8-R Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.2i In-Reply-To: <20000623130414.A18525@devconsult.de>; from ingo@blank.pages.de on Fri, Jun 23, 2000 at 01:04:14PM +0200 Organization: Extra Solutions X-Operating-System: SunOS 5.7 i86pc Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Greetings, On Fri, Jun 23, 2000 at 01:04:14PM +0200, Ingo Luetkebohle wrote: > please cc any replies to me, I'm not on the FreeBSD lists. Okay, I'll bounce everything I'll got on this subject. You may include this into your FAQ. Of course, if we'll solve this problem :) > Anyways, this looks like a simple path problem. I don't know where FreeBSD > places the pam modules, but on Linux they are in /lib/security/. > > > Jun 22 13:50:15 nwlynx dev-httpd: unable to dlopen(/usr/lib/pam_radius.so) > > Jun 22 13:50:15 nwlynx dev-httpd: [dlerror: /usr/lib/pam_radius.so: Undefined symbol "pam_get_item"] > > Jun 22 13:50:15 nwlynx dev-httpd: adding faulty module: /usr/lib/pam_radius.so > > Jun 22 13:50:15 nwlynx dev-httpd: unable to dlopen(/usr/lib/pam_unix.so) > > Jun 22 13:50:15 nwlynx dev-httpd: [dlerror: /usr/lib/pam_unix.so: Undefined symbol "pam_get_item"] > > Jun 22 13:50:15 nwlynx dev-httpd: adding faulty module: /usr/lib/pam_unix.so white@micogw:/usr/home/white>ls -al /usr/lib/pam* -r--r--r-- 1 root wheel 2871 19 ÉÀÎ 05:16 /usr/lib/pam_cleartext_pass_ok.so -r--r--r-- 1 root wheel 2637 19 ÉÀÎ 05:16 /usr/lib/pam_deny.so -r--r--r-- 1 root wheel 3183 19 ÉÀÎ 05:16 /usr/lib/pam_permit.so -r--r--r-- 1 root wheel 6563 19 ÉÀÎ 05:16 /usr/lib/pam_radius.so -r--r--r-- 1 root wheel 3774 19 ÉÀÎ 05:16 /usr/lib/pam_skey.so -r--r--r-- 1 root wheel 6473 19 ÉÀÎ 05:16 /usr/lib/pam_tacplus.so -r--r--r-- 1 root wheel 14357 19 ÉÀÎ 05:16 /usr/lib/pam_unix.so Unfortunetly, all modules are readable and accessable by /usr/lib/ path. What PAM version is necessary for this module? FreeBSD 3.4-STABLE has PAM 0.56. But by some strange reason I do know guys who are running the same configuration and everything is working, the only difference is that they are using pam_tacplus instead of pam_radius. Also, I thought that's the reason is that libpam library has not pam_get_item() function. And that's not the truth too! white@micogw:/usr/home/white>strings /usr/lib/libpam.so | grep pam_get_item pam_get_item pam_get_item: NULL pam handle passed pam_get_item: nowhere to place requested item I'm open for any suggestions and tests except running httpd server as root. Thanks and hope to hear from you soon. Cheers, -- Alexander Prohorenko, Extra Solutions [ http://extra.com.ua ] "Those who do not understand UNIX are condemned to reinvent it, poorly." -- H. Spencer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message