|
Hello, I am having problems with PAM/Apache authentication. I have no problems logging in to the svn server thought ssh
and authentication via the PAM server works. However when I use PAM to
authenticate through SVN I am getting DB errors in the logs. Looking at the
MySQL query logs I can see that the (Password) query that is being issued to
MySQL is incomplete. As far as I know all Apache and Pam config
files are correct. I decided to compare the mysql query logs on the currently
working server and the new not working server . This comparison is in the end
of the e-mail and this how I came to the conclusion that the query is
incomplete. Auth log on SVN server (svntest): Oct 29 03:46:08 svntest nss-mysql[9707]:
_nss_mysql_getspnam_r conf file parsing failed Oct 29 03:46:08 svntest nss-mysql[9707]: (pam_unix)
authentication failure; logname= uid=33 euid=33 tty= ruser=
rhost=192.168. 6.43 user=ppragin Oct 29 03:46:08 svntest nss-mysql[9707]: pam_mysql - MySQL
error(You have an error in your SQL syntax; check the manual that
c orresponds to your MySQL server version for the right syntax
to use near 'FROM WHERE user.user_name = 'ppragin'' at line 1) Apache log on SVN server(svntest): [Mon Oct 29 03:17:49 2007] [error] [client 192.168.] (9)Bad
file descriptor: Could not open password file: (null) [Mon Oct 29 03:17:52 2007] [error] [client 192.168.] PAM:
user 'ppragin' - not authenticated: Error in service module Mysql query log from Pam server when running svn
checkout from server (svntest): 131 Connect nss@svntest on nss_mysql 131 Query select
user.user_name,user.uid,NULL,user.realname,user.shell,user.homedir,user.gid
from user where user.user_name='ppragin' and user.uid is not null and
user.status = 'A' order by user.uid 132 Connect nss-shadow@svntest.
on nss_mysql 132 Init DB nss_mysql 132 Query SELECT
FROM WHERE user.user_name = 'ppragin' 132 Quit Mysql query log from Pam server when running svn
checkout from server (newsvn): 753 Connect nss@newsvn. on
nss_mysql 753 Query select
user.user_name,user.uid,NULL,user.realname,user.shell,user.homedir,user.gid
from user where user.user_name='ppragin' and user.uid is not null and user.status = 'A' order by
user.uid 753 Query select
user.user_name,user.uid,NULL,user.realname,user.shell,user.homedir,user.gid
from user where user.user_name='ppragin' and user.uid is not null and user.status = 'A' order by
user.uid 754 Connect nss-shadow@newsvn. on
nss_mysql 754 Init DB nss_mysql 754 Query SELECT
user.Password FROM user WHERE user.user_name='ppragin' 754 Quit The difference: (svntest server)
132
Query SELECT FROM WHERE
user.user_name = 'ppragin' (newsvn server) 754
Query SELECT user.Password FROM user WHERE
user.user_name='ppragin' I can understand why “user.Password” is missing.
This is how the password is acquired from table “user” field
“Password”. This is why authentication is failing. One thing I
don’t understand is where the information provided for this query comes
from. I don’t see any mention of “user.Password”
in any of the config files. Maybe I am missing a step? Any ideas?
|
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
