Re: dlopen failure

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



How does your conversation function return PAM_SUCCESS?

Cheers

Andrew

Dimitri Priimak wrote:
> 
> Only one message in /var/log/messages, here it is
> Sep 10 21:57:36 kez PAM_pwdb[914]: auth could not identify password for [dummy]
> 
> I do have this user and a passwd is 'dummypass', and I can became user
> 'dummy' through '% su - dummy' using above mentioned password.
> 
> On Sun, 10 Sep 2000, Andrew Morgan wrote:
> 
> > Dimitri Priimak wrote:
> > >
> > > What do you mean by dlopen errors?
> >
> > I guess I was reading your subject line...
> >
> > Does /var/log/messages have anything to say about your problem?
> >
> > Cheers
> >
> > Andrew
> >
> > > I added line
> > > printf("dlopen : %s\n", dlerror());
> > > right after calling pam_authenticate(pamh, 0);
> > > output is 'dlopen : (null)'
> > > Do you want to see output of strace, everything looks fine there.
> > >
> > > BTW, originally I used strdup() but removed it lately, may be
> > > thoughtlessly, anyway this program never gave me segfault, while
> > > I guess you are right that strdup() should be used, thus I put
> > > strdup back in a form '(char *)strdup("dummmy")', of course I get
> > > the same result, as I described below.
> > >
> > > On Sun, 10 Sep 2000, Andrew Morgan wrote:
> > >
> > > > What are the dlopen errors?
> > > >
> > > > BTW. I would expect this program to segfault. You need to strdup() your
> > > > "dummy" and "dummypass" to avoid this. (The module will try to free()
> > > > these conversation responses.)
> > > >
> > > > Cheers
> > > >
> > > > Andrew
> > > >
> > > > Dimitri Priimak wrote:
> > > > >
> > > > > Hi.
> > > > >
> > > > > I am trying to authenicate my user using pam (,pam-0.72-20) on RedHat
> > > > > 6.2 and I did many things but nothing works and get error message which
> > > > > correspond to dlopen failure. So, below I wrote simple program which is
> > > > > trying to authenicate user 'dummy' with pussword 'dummypass'.
> > > > > Can somebody tell me what I am doing wrong?
> > > > >
> > > > > /****
> > > > >  * file pam_test.c
> > > > >  ****/
> > > > > #include <unistd.h>
> > > > > #include <stdlib.h>
> > > > > #include <stdio.h>
> > > > > #include <security/pam_appl.h>
> > > > >
> > > > > #define PAM_CHECK_ERROR if( pam_result != PAM_SUCCESS ){ \
> > > > >     pam_end(pamh, 0); \
> > > > >     exit(-1); \
> > > > > }
> > > > >
> > > > > static int pam_convf(int num_msg, const struct pam_message **msg,
> > > > >       struct pam_response **resp, void *appdata_ptr);
> > > > >
> > > > > static struct pam_conv pam_conversation =
> > > > > {
> > > > >  &pam_convf,
> > > > >  NULL
> > > > > };
> > > > >
> > > > > int pam_result;
> > > > > pam_handle_t *pamh;
> > > > >
> > > > > int main(int argc, char *argv){
> > > > >   /* init pam, using xlock service  */
> > > > >   pam_result = pam_start("xlock", "priimak", &pam_conversation, &pamh);
> > > > >   printf("pam_start : %s\n", pam_strerror(pamh, pam_result));
> > > > >   PAM_CHECK_ERROR;
> > > > >   pam_result = pam_set_item(pamh, PAM_USER, "dummy");
> > > > >   printf("pam_set_item : %s\n", pam_strerror(pamh, pam_result));
> > > > >   PAM_CHECK_ERROR;
> > > > >   /* try to authenticate */
> > > > >   pam_result = pam_authenticate(pamh, 0);
> > > > >   printf("pam_authenticate : %s\n", pam_strerror(pamh, pam_result));
> > > > >   PAM_CHECK_ERROR;
> > > > >
> > > > >   pam_end(pamh, 0);
> > > > >   exit(0);
> > > > > }
> > > > >
> > > > > static int pam_convf(int num_msg, const struct pam_message **msg,
> > > > >                                         struct pam_response **resp, void
> > > > >
> > > > > *appdata_ptr){
> > > > >   struct pam_response *reply = NULL;
> > > > >   int replies;
> > > > >
> > > > >   reply = (struct pam_response *) malloc(sizeof (struct pam_response) *
> > > > > num_msg);
> > > > >
> > > > >   for( replies = 0; replies < num_msg; replies++ ){
> > > > >     switch (msg[replies]->msg_style) {
> > > > >     case PAM_PROMPT_ECHO_ON :
> > > > >       printf("PAM_PROMPT_ECHO_ON\n");
> > > > >       reply[replies].resp_retcode = PAM_SUCCESS;
> > > > >       reply[replies].resp = "dummy";
> > > > >       break;
> > > > >
> > > > >     case PAM_PROMPT_ECHO_OFF :
> > > > >       printf("PAM_PROMPT_ECHO_OFF\n");
> > > > >       reply[replies].resp_retcode = PAM_SUCCESS;
> > > > >       reply[replies].resp = "dummypass";
> > > > >       break;
> > > > >
> > > > >     case PAM_TEXT_INFO :
> > > > >       printf("PAM_TEXT_INFO\n");
> > > > >       reply[replies].resp_retcode = PAM_SUCCESS;
> > > > >       reply[replies].resp = NULL;
> > > > >       break;
> > > > >
> > > > >     case PAM_ERROR_MSG :
> > > > >       printf("PAM_ERROR_MSG\n");
> > > > >       reply[replies].resp_retcode = PAM_SUCCESS;
> > > > >       reply[replies].resp = NULL;
> > > > >       break;
> > > > >
> > > > >     default:
> > > > >       (void) free((void *) reply);
> > > > >       return PAM_CONV_ERR;
> > > > >
> > > > >     }
> > > > >   }
> > > > > }
> > > > >
> > > > > *********
> > > > > I compile it like this
> > > > > % gcc -lc -lpam -ldl pam_test.c -o pam_tes
> > > > >
> > > > > Fianally when I run it I get following output:
> > > > > % ./pam_test
> > > > > pam_start : Success
> > > > > PAM_PROMPT_ECHO_OFF
> > > > > pam_authenticate : dlopen() failure
> > > > > %
> > > > >
> > > > > When I look into /var/log/message I see
> > > > > % cat /var/log/messages | grep -i pam
> > > > > ...
> > > > > Sep  9 23:07:48 kez PAM_pwdb[5843]: auth could not identify password for
> > > > > [dummy]
> > > > >
> > > > > Note that I am using 'xlock' service and here it is
> > > > > % cat /etc/pam.d/xlock
> > > > > #%PAM-1.0
> > > > > auth       required     /lib/security/pam_pwdb.so shadow nullok
> > > > > %
> > > > >
> > > > > I do have this file /lib/security/pam_pwdb.so and I checkd with strace
> > > > > it actally opens it
> > > > > as well as other libs. I also run xlock with strace and so that xlock
> > > > > using service 'xlock'
> > > > > Any ideas what is wrong?
> > > > >
> > > > > Thanks in advance.
> > > > > Dmitri Priimak.
> > > > >
> > > > > _______________________________________________
> > > > > 
> > > > > Pam-list@redhat.com
> > > > > https://listman.redhat.com/mailman/listinfo/pam-list
> > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > 
> > > > Pam-list@redhat.com
> > > > https://listman.redhat.com/mailman/listinfo/pam-list
> > > >
> > >
> > > _______________________________________________
> > > 
> > > Pam-list@redhat.com
> > > https://listman.redhat.com/mailman/listinfo/pam-list
> >
> >
> >
> > _______________________________________________
> > 
> > Pam-list@redhat.com
> > https://listman.redhat.com/mailman/listinfo/pam-list
> >
> 
> _______________________________________________
> 
> Pam-list@redhat.com
> https://listman.redhat.com/mailman/listinfo/pam-list





[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux