Index: [Article Count Order] [Thread]

Date:  Tue, 14 Dec 2004 14:34:09 -0500
From:  "Bill Gibbs" <bgibbs (at mark) edurotech.com>
Subject:  [coba-e:01683] Re: Authentication failures
To:  <coba-e (at mark) bluequartz.org>
Message-Id:  <AADCAEEE665CF942B7F50E884894C5D80F5E5F (at mark) eduro2.eduro.local>
X-Mail-Count: 01683

After looking through the pam.d files I realized the various pop3, sshd
etc files had reverted back to a non PWDB form.  I copied a working one
over I am installing from the ISO on another server to compare.  The
only thing I can think of is an update via yum happened, but the
/var/log/yum.log stops at 9/18/04.

I currently have for sshd, cced and pop3, which appears to work:

#%PAM-1.0
auth       required     pam_stack.so service=system-auth
auth       required     pam_nologin.so
account    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth
session    required     pam_stack.so service=system-auth
session    required     pam_limits.so
session    optional     pam_console.so

system-auth is:
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so

account     required      /lib/security/$ISA/pam_unix.so

password    required      /lib/security/$ISA/pam_cracklib.so retry=3
type=
password    sufficient    /lib/security/$ISA/pam_unix.so nullok
use_authtok md5 shadow
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so


Not sure if this will help anyone out, but this started around 10AM EST.
Cant find anything in the logs that would indicate an upgrade or what
not.

Bill

-----Original Message-----
From: Bill Gibbs 
Sent: Tuesday, December 14, 2004 12:30 PM
To: coba-e (at mark) bluequartz.org
Subject: [coba-e:01682] Re: Authentication failures

Hmm I assume dv4-utils is actually db4-utils, which I have installed.

http://bluequartz.org/ml/archive/coba-e/1000/1048.html

Should I download the CVS source tree and install the dbrecover init
script?  It wasn't on the Fedora Core 1 ISO install CD.

Bill

-----Original Message-----
From: Bill Gibbs 
Sent: Tuesday, December 14, 2004 12:24 PM
To: 'coba-e (at mark) bluequartz.org'
Subject: Authentication failures

For some random odd reason, which I have yet to find, PWDB stopped
working.  I rebooted the server, still had the problem, all services
using PAM (and hence the PWDB files) failed authentication.  I deleted
the last site added, with about 10 users (all with dots in their
usernames like first.lastname) and it started working immediately.

I then restored this site using CMU and authentication continued to
work.

Very bizarre.  I wrote a btree perl script to dump the .db files in
/var/db and all the files dumped out ok, no errors so it doesn't appear
to have been corruption.

I noticed some threads about dbrecover and dv4-utils - are they
available from the website?

I don't have dbrevover and running db_recover just gives an error about
unable to start in the environment.

Bill