[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openldap-general
Subject:    Re: Attributes and authentification
From:       LDAP <ldap () abhost ! net>
Date:       1999-08-06 19:08:19
[Download RAW message or body]


On Thu, 5 Aug 1999, Geoff Hibble wrote:
> Get pam_ldap and nss_ldap from www.padl.com.  My whole environment runs
> off ldap now.  When you want to add a person you add an ldap entry.  I
> have set it up so that passwd sets the password in the ldap entry.  I have
> not progressed much beyond that, but want to let you know it works.


I recently installed pam_ldap and nss_ldap onto a linux system. 
Unfortuatly, I get a segmentation fault whenever I exit a session.  for
example:


jrs@arbutus /home/jrs $ su
Password: 
root@arbutus /home/jrs # echo 'yea, pam_ldap works'
yea, pam_ldap works
root@arbutus /home/jrs # exit
exit
Segmentation fault
jrs@arbutus /home/jrs $ 



/etc/pam.d/su looks like this:

#%PAM-1.0
auth       sufficient   /lib/security/pam_ldap.so
auth       required     /lib/security/pam_unix_auth.so use_first_pass
account    sufficient   /lib/security/pam_ldap.so
account    required     /lib/security/pam_unix_acct.so
password   required     /lib/security/pam_cracklib.so
password   sufficient   /lib/security/pam_ldap.so
password   required     /lib/security/pam_pwdb.so use_first_pass
session    required     /lib/security/pam_unix_session.so



does anybody else have this problem?  can anybody tell me why, or how to
fix it?

also, If i run slapd with some debugging I can see that ldap is being
queried during the login proccess so I think that the authentication is
comming from ldap.  But if I remove an entry from /etc/passwd and then try
to log in as that user (the user is still in ldap) access is denied (user
doesn't exist).  Does pam_ldap require users to be in /etc/passwd?  Do I
have things configured wrong?  Insights would be helpful.

thanks,

Jonathan

[prev in list] [next in list] [prev in thread] [next in thread]