[OpenAFS] PAM problems.

Daniel Lundqvist daniel@malarhojden.nu
Wed, 07 May 2003 14:09:52 +0200 

Hi,

I apoligize in advance if this is not the right place for my questions.

I've recently setup OpenAFS 1.2.9 on my FreeBSD 4.8 box. Almost
everything seems to work,after fixing the fs mkmount problem (btw is
there a patch for OpenAFS for this? I patched the kernel which doesn't
seem the best way). But there is one thing I dont't get to work is the
PAM module,perhaps it's my knowledge in PAM that is lacking.

I copied pam_afs.so.1 to /usr/lib/pam_afs.so and changed the sshd
section of /etc/pam.conf to this:

# OpenSSH with PAM support requires similar modules.  The session one is
# a bit strange, though...
sshd   auth    sufficient      pam_afs.so   try_first_pass ignore_root
sshd   auth    required        pam_unix.so  try_first_pass
sshd    account required        pam_unix.so
sshd    password required       pam_permit.so
sshd   session sufficient      pam_afs.so try_first_pass
sshd    session required        pam_permit.so

If I enable debug I get this in syslog:
May  7 03:26:15 ih pam_afs[2037]: AFS 
Options:nowarn=0,use_first_pass=0,try_first_pass=1,ignore_uid=0,ignore_uid_id=0,refresh_token=0,set_token=0,dont_fork=0,use_klog=0
May  7 03:26:15 ih pam_afs[2037]: AFS Username = `daniel'
May  7 03:26:15 ih pam_afs[2037]: forking ...
May  7 03:26:15 ih pam_afs[2037]: in parent, waiting ...
May  7 03:26:15 ih pam_afs[2038]: in child
May  7 03:26:15 ih pam_afs[2038]: child: auth_ok=1
May  7 03:26:15 ih pam_afs[2037]: parent: auth_ok=1
May  7 03:26:15 ih pam_afs[2037]: leaving auth: auth_ok=1
May  7 03:26:15 ih pam_afs[2037]: AFS PAM error, code=0

May  7 03:26:15 ih pam_afs: AFS Options: 
nowarn=0,use_first_pass=0,try_first_pass=1,ignore_uid=0,ignore_uid_id=0,refresh_token=8,set_token=8,dont_fork=8,use_klog=8
May  7 03:26:15 ih pam_afs: AFS Establishing creds for user daniel
May  7 03:26:15 ih pam_afs: AFS No first password for user daniel
May  7 03:26:15 ih pam_afs: AFS Couldn't get passwd via prompt
May  7 03:26:15 ih /kernel: May  7 03:26:15 ih pam_afs: AFS Couldn't get 
passwd

If anyone here have any tips for me I would appreciate that.

Thanks in advance,
Daniel.