[Bug 859102] Re: pam_unix should not always complain about failed authentication
John Python
859102 at bugs.launchpad.net
Sun Sep 25 17:32:11 UTC 2016
This problem also exists for sssd:
Sep 25 13:11:10 myserver sshd[15919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.0.0.1 user=bob
Sep 25 13:11:10 myserver sshd[15919]: pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.0.0.1 user=bob
It's possible to fix this ourselves, but it would be much better to see
a more permanent solution.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/859102
Title:
pam_unix should not always complain about failed authentication
Status in pam package in Ubuntu:
Confirmed
Bug description:
I run a server with ubuntu lucid, pam et al 1.1.1-2ubuntu5.3.
I used pam-auth-update to enable unix-style and ldap style authentication.
For accounts that exist in my LDAP only, i get on every (successful!) authentication attempt the following message in auth.log:
dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname=
uid=0 euid=0 tty=dovecot ruser=xyz rhost=127.0.0.1 user=xyz
This appears to happen because of any of the following problems:
1. the unix module has a higher priority than the ldap module
2. the unix module itself logs errors even if its "control" settings (ie. the second field in common-auth) ask it to ignore such a problem
3. the unix module is not supposed to be configured at the same time as the ldap module.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/859102/+subscriptions
More information about the foundations-bugs
mailing list