We run Solaris 8, using the native Solaris PAM infrastructure.
Over the years we have occasionally compiled and installed other PAM
modules into this with little or no trouble. (Indeed, when there has been
a little local difficulty with a module, I have usually tried to fix it
and submit the changes back to the sourceforge project.)
A few weeks ago, we installed Microsoft's precompiled "pam_sso.so.1".
(Its purpose is to replicate password changes out to an Active Directory
system, to help synchronise passwords.)
This appeared to work OK, testing with the usual Solaris "passwd" program,
and including the MS "pam_sso.so.1" in "/etc/pam.conf".
More recently I tried to PAM-ify the "poppassd" program from qpopper.
This was OK without the "/etc/pam.conf" entry: it successfully changed the
UNIX password.
But on reinserting the "/etc/pam.conf" entry it failed, leaving the
message:
poppassd[20519]: [ID 487707 local2.error] load_modules: \
can not open module /usr/lib/security/pam_sso.so.1
in the system logs. (The Solaris "passwd" command is OK.)
The dynamic library dependencies are:
# ldd /usr/lib/security/pam_sso.so.1
libpam.so.1 => /usr/lib/libpam.so.1
libsocket.so.1 => /usr/lib/libsocket.so.1
libnsl.so.1 => /usr/lib/libnsl.so.1
libc.so.1 => /usr/lib/libc.so.1
libdl.so.1 => /usr/lib/libdl.so.1
libmp.so.2 => /usr/lib/libmp.so.2
#
which seems to be a clean subset of those required by Solaris's own
"pam_unix.so.1".
Has anyone seen this before (with either "pam_sso.so.1" or any other
module)? Where do I begin looking? Is there any magic debugging or
tracing I can enable in the Solaris PAM infrastructure?
--
: David Lee I.T. Service :
: Systems Programmer Computer Centre :
: University of Durham :
: http://www.dur.ac.uk/t.d.lee/ South Road :
: Durham :
: Phone: +44 191 374 2882 U.K. :
