Article delegate-en/2480 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A2479@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: Problems with PAM authentication
05 Dec 2003 09:09:03 GMT feedback@delegate.org (Yutaka Sato)


On 12/05/03(08:20) you high <high.mobley@prioritynetworks..> wrote
in <_A2479@delegate-en.ML_>
 |  However, I have been unsuccessful in making DeleGate authenticate 
 |users against PAM. In order to keep things as simple as possible while 
 |troubleshooting, I added a local user (called 'tester') on my DeleGate 
 |server. When I browse to my DeleGate server, I am prompted for a 
 |username and password. I enter my username 'tester' and the correct 
 |password. DeleGate just repeatedly prompts me for authentication, but 
 |never accepts my valid logins.
...
 |     AUTHORIZER="-pam/passwd" \
...
 |12/04 17:19:55.12 [7882] 1+1/1: ## dgpam = /home/delegate/subin/dgpam
 |PAM: cannot start passwd [tester]

This line shows that starting PAM failed by some reason.  It is the
result of 

 pam_start("passwd","tester",&pam_conv,&pamh)

in "rary/pam.c".  Getting more information about the error will be
helpful.  Could you test the DeleGate patched with the enclosed patch?

Cheers,
Yutaka
--
  D G Yutaka Sato <y.sato@delegate.org> http://www.delegate.org/y.sato/
 ( - ) National Institute of Advanced Industrial Science and Technology (AIST)
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller


*** ../dist/delegate8.7.7/rary/pam.c	Fri Aug 29 11:25:00 2003
--- pam.c	Fri Dec  5 17:57:54 2003
***************
*** 162,170 ****
--- 162,179 ----
  	char *service,*user,*pass;
  {	int status;
  	void *pamh;
+ 	int perr;
+ 	extern char *pam_strerror();
  
+ 	/*
  	if( pam_start(service,user,&pam_conv,&pamh) != PAM_SUCCESS ){
  		syslog_ERROR("PAM: cannot start %s [%s]\n",service,user);
+ 	*/
+ 	pamh = NULL;
+ 	perr = pam_start(service,user,&pam_conv,&pamh);
+ 	if( perr != PAM_SUCCESS ){
+ 		syslog_ERROR("PAM: cannot start %s [%s] error=%d:%s\n",
+ 			service,user,perr,pam_strerror(&pamh,perr));
  		return -1;
  	}
  	gpass = pass;

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V