[OpenAFS] pam and openafs 1.2.7 for RH 7.2
Charles Clancy
security@xauth.net
Wed, 2 Oct 2002 10:42:23 -0500 (CDT)
> After modifing /etc/pam.d/system-auth as you proposed I still have
> troubles login in. In the /var/log/messages I get following entries
> afterwards:
>
> Oct 2 11:29:43 burner pam_afs[5701]: AFS Authentication failed for user
> testuser. password was incorrect
Sorry -- there was a mistake in my previous post.
> auth required /lib/security/pam_env.so
> auth sufficient /lib/security/pam_afs.so try_first_pass
> ignore_root
> auth required /lib/security/pam_unix.so likeauth nullok
> auth required /lib/security/pam_deny.so
If you'll notice, there is no first pass to try (as pam_unix is called
after pam_afs), hence you should remove the try_first_pass option. This
shouldn't completely prevent you from logging in, but it will make the
entries you noticed show up in your logs.
Try removing that option, and see if it works then.
[ t charles clancy ]--[ tclancy@uiuc.edu ]--[ www.uiuc.edu/~tclancy ]