Re: Upgrade from 0.7 to 0.8 having auth problems
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
Re: Upgrade from 0.7 to 0.8 having auth problems
- From: Andy Colson <andy [at] squeakycode.net>
- To: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: Re: Upgrade from 0.7 to 0.8 having auth problems
- Date: Wed, 21 Nov 2012 09:05:17 -0600
On 11/21/2012 9:01 AM, Andy Colson wrote:
On 11/20/2012 3:45 PM, Arthur de Jong wrote:
Another interesting bit from the strace is:
open("/etc/shadow", O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied)
If you are not running su under strace, does nslcd show the shadow
lookup? Did the strace output and nslcd debug output match the same try?
I ran "nslcd -d" and first did "su andyc" and copied the nslcd output.
Then I ran "strace su andyc 2> strace.log".
I just now did two tests.
"nslcd -d 2> normal" and then did "su andyc"
then restart nslcd and did:
"nslcd -d 2> strace" and then did "strace su andyc"
They are different. The normal one has two extra calls:
normal> nslcd: [7b23c6] DEBUG: nslcd_passwd_byname(andyc)
both> nslcd: [3c9869] DEBUG: nslcd_shadow_byname(andyc)
normal> nslcd: [334873] DEBUG: nslcd_group_bymember(andyc)
A wild guess, but could you try nss-pam-ldapd 0.8.10?
I will build a package and give it a try right now.
Lastly is the user andy or andyc in /etc/passwd or /etc/shadow?
andy is only local in /etc/paswd
andyc is only in ldap
-Andy
Crap. Ignore this. Wrong version! I'll try that again.
-Andy
--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/
- Re: Upgrade from 0.7 to 0.8 having auth problems, (continued)
