Date: Tue, 15 Oct 2013 12:05:29 +0200 From: Rainer Duffner <rainer@ultra-secure.de> To: freebsd-stable@FreeBSD.org Subject: question about PAM in 9.2 Message-ID: <20131015120529.0fdb56c2@suse3>
next in thread | raw e-mail | index | archive | help
Hi, we have been using pure-ftpd to authenticate via PAM from our ldap-server for some time (the ldap-server was built in 2006...). I've got the following in /etc/pam.d/pure-ftpd auth sufficient /usr/local/lib/pam_ldap.so auth required pam_nologin.so auth required pam_unix.so nullok account required pam_permit.so session required pam_permit.so This worked from probably FreeBSD 5.0 and before (longer than I've been at the company...) until 9.1, then, with the upgrade to 9.2, users can no longer login (LDAP or local does not matter). It has nothing to do with the versions of various ldap-related ports (at least not obviously), because the same set of packages does work with 9.1. Upon trying to login, this is in /var/log/messages: Oct 15 11:10:27 server1 pure-ftpd: in openpam_dispatch(): pam_nologin.so: no pam_sm_setcred() Oct 15 11:10:27 server1 pure-ftpd: in openpam_check_error_code(): pam_sm_setcred(): unexpected return value 4 Oct 15 11:10:30 server1 pure-ftpd: (?@127.0.0.1) [WARNING] Authentication failed for user [demo] Can anyone shed any light on this? What did change between 9.1 and 9.2? Best Regards, Rainer
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20131015120529.0fdb56c2>