[OpenAFS-devel] Linux pam/sasl.
Sean O'Malley
omalleys@msu.edu
Thu, 29 May 2003 11:32:04 -0400 (EDT)
Thanks! but that still didnt work..=(
and I still don't get this.
I dont think it likes something about the pam passwd entry. (maybe not
passing stuff correctly between modules?
I know I had to disable that entry when I was doing pam and
samba/netatalk.
This might also be a sasl problem but im not sure how to debug between
the two...
--------------------------------------
Sean O'Malley, Information Technologist
Michigan State University
-------------------------------------
On Wed, 28 May 2003, Charles Clancy wrote:
> On Tue, 27 May 2003, Sean O'Malley wrote:
>
> > Im _TRYING_ to get cyrus sasl to use pam using authsasld on RH9.0
> > Im using the sasl-sample-client/server to test with. I can get it to use
> > pam to auth against plain unix.so PAM modules, but it isnt working if I
> > substitute the pam_afs modules in it.
> >
> > my pam config for unix.so looks like:
> >
> > auth required pam_unix.so try_first_pass likeauth nullok
> > account required pam_unix.so
> > password required pam_unix.so use_authtok md5 shadow
> > session required pam_unix.so
>
> There's no "first_pass" to try, and pam_afs doesn't like try_first_pass if
> it's the first module. Try:
>
> auth required pam_afs.so
> account required pam_unix.so
> password required pam_unix.so use_authtok md5 shadow
> session required pam_unix.so
> session optional pam_afs.so
>
> [ t. charles clancy ]--[ tclancy@uiuc.edu ]--[ www.uiuc.edu/~tclancy ]
> _______________________________________________
> OpenAFS-devel mailing list
> OpenAFS-devel@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-devel
>