> > I downloaded mod_auth_pam 1.0a. It compiles OK, but I'm > having some kind > > of problems with the linking and/or loading. > > > The main rule in the Makefile is: > > > mod_auth_pam.so: mod_auth_pam.c > > apxs -c -lpam -ldl mod_auth_pam.c > > > I can't find a libdl anywhere on my system. If I simply > remove the " -ldl > > " from the makefile, it will compile and install. But when I > run apache and > > attempt to connect, it refuses the authentication, and in > syslog there is a > > line that says: > > > syslog: load_modules: can not open module > > /usr/lib/security/libpam_unix.1 > > > Although I don't have a libdl, there is a libdld. I don't know if that > > should be a substitute or not, but simply substituting that in > the apxs line > > didn't help. I just got a lot of unresolved references when > running apache. > > Yes, I believe the equivalent to libdl on HPUX is libdld (at > least, this is > what we seem to be using in the Linux-PAM source tree now). I think that I was barking up the wrong tree with libdld. The unresolved reference messages I got when running Apache were things that libdld wanted. >From what I can see, mod_auth_pam is simply linked to /lib/libpam.sl. However, libpam.sl would be the one the dynamic loading of /usr/lib/security/libpam_unix.1 I think. So what I don't quite understand is: does mod_auth_pam.so need the libraries that libpam.sl will need to satisfy loading the pam modules, even though mod_auth_pam itself is not doing the dynamic loading? I found that if I touch /etc/pam_debug, HP-UX PAM will log more details in the syslog. When I run Apache and connect to it and get authentication refused, I get this in the syslog: ---------------------------------------------------------------------------- ------ Sep 26 09:33:14 silver PAM: pam_start(httpd abc) Sep 26 09:33:14 silver PAM: pam_set_item(1) Sep 26 09:33:14 silver PAM: pam_set_item(2) Sep 26 09:33:14 silver PAM: pam_set_item(5) Sep 26 09:33:14 silver PAM: pam_authenticate() Sep 26 09:33:14 silver PAM: load_modules: /usr/lib/security/libpam_unix.1 Sep 26 09:33:14 silver PAM: open_module: /usr/lib/security/libpam_unix.1 failed: Unresolved external Sep 26 09:33:14 silver PAM: load_modules: can not open module /usr/lib/security/libpam_unix.1 Sep 26 09:33:14 silver PAM: pam_set_item(6) Sep 26 09:33:14 silver PAM: pam_end(): status = Success ---------------------------------------------------------------------------- ------ "abc" is the test username I put in the browser, so it seems that at least Apache is talking to mod_auth_pam and mod_auth_pam is talking to libpam.sl Unfortunately, I can't find anywhere that gives any more detail of what the unresolved externals are for libpam_unix.1 Anyone have any suggestions on how I can narrow that down? > .... I'm personally still quite > puzzled that HP seems to have chosen to write their own PAM implementation > rather than leveraging Linux-PAM.. I don't know anything about how HP did their PAM, but in the top of /usr/include/security/pam_appl.h and pam_modules.h, it does say "Copyright (c) 1992-1995, by Sun Microsystems, Inc.". Doesn't have any HP copyright. So it doesn't look like they started from scratch, but perhaps diverged somewhere back. There is a single pam.conf file which includes entries for all clients (login, ftp, su, etc.) and not an /etc/pam.d directory, so it looks like some of the older pam docs I've found on the web. Thanks for any help anyone can provide! - Alan -- Alan Millar Email: Alan.Millar@LPCorp.com Unix System Administrator Voice: 503-624-9004 x3014 Louisiana-Pacific Fax: 509-692-3948
