lists.arthurdejong.org
RSS feed

Re: Upgrade from 0.7 to 0.8 having auth problems

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: Upgrade from 0.7 to 0.8 having auth problems



On 11/21/2012 9:01 AM, Andy Colson wrote:
On 11/20/2012 3:45 PM, Arthur de Jong wrote:

Another interesting bit from the strace is:
open("/etc/shadow", O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied)

If you are not running su under strace, does nslcd show the shadow
lookup? Did the strace output and nslcd debug output match the same try?

I ran "nslcd -d" and first did "su andyc" and copied the nslcd output.
Then I ran "strace su andyc 2> strace.log".

I just now did two tests.
"nslcd -d 2> normal" and then did "su andyc"

then restart nslcd and did:
"nslcd -d 2> strace" and then did "strace su andyc"

They are different.  The normal one has two extra calls:

normal>  nslcd: [7b23c6] DEBUG: nslcd_passwd_byname(andyc)
both> nslcd: [3c9869] DEBUG: nslcd_shadow_byname(andyc)
normal> nslcd: [334873] DEBUG: nslcd_group_bymember(andyc)


A wild guess, but could you try nss-pam-ldapd 0.8.10?

I will build a package and give it a try right now.


Lastly is the user andy or andyc in /etc/passwd or /etc/shadow?

andy is only local in /etc/paswd
andyc is only in ldap


-Andy




Crap.  Ignore this.  Wrong version!  I'll try that again.

-Andy
--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/