difficulty configuring innd with pamckpasswd
Kim Moir
Kim_Moir at oti.com
Mon Nov 25 21:41:12 UTC 2002
Hi
I'm having difficulty configuring innd to authenticate to an ldap server
using pamckpasswd. My server is running Redhat 7.1 and innd 2.3.1-2
If I use ckpasswd -s in /etc/news/readers.conf, I can authenticate using
my shadow files.
Using ssh, I can login to the server with my ldap username and password so
/etc/nsswitch.conf is configured correctly. However, I cannot login via
pamckpasswd with innd.
I've compiled and installed pamckpasswd in
/usr/bin/auth/passwd/pamckpasswd
chown 4554 pamckpasswd
chmod root.news pamckpasswd
My /etc/pam.d/nnrpd looks like this
#
# The PAM configuration file for the Shadow `nnrpd' service
#
# Disallows other than root logins when /etc/nologin exists
# (Replaces the `NOLOGINS_FILE' option from login.defs)
auth requisite pam_nologin.so
# Ensure that system users cannot login -- this is probably a bit
# hacky, but it'll do for now.
auth required pam_listfile.so \
onerr=succeed item=user sense=deny file=/etc/news/readers.deny
# Standard Un*x authentication. The "nullok" line allows passwordless
# accounts.
auth required pam_unix.so
My /etc/news/readers.conf looks like this
auth "localhost" {
hosts: "localhost, 127.0.0.1, stdin, *.mydomain.com"
auth: "pamckpasswd"
}
access "fail" {
newsgroups: !*
}
access "full" {
users: *
newsgroups: *
}
The following error messages appear in /var/log/news/news.err
Nov 25 16:06:05 server2 nnrpd[12968]: server1.mydomain.com connect
Nov 25 16:06:11 server2 nnrpd[12968]: server1.mydomain.com auth_err
Failed: Authentication service cannot retrieve
authentication info..
The same message appears if run pamckpasswd from the password from the
command line as user news with the appropriate parameters.
I've removed the information from /etc/passwd, group and shadow for the
user that is trying to post so that user is forced to use the information
from the ldap server.
Any assistance would be greatly appreciated. Thanks in advance!
Kim
More information about the inn-workers
mailing list