[SDBUG] Re: pam/ldap difficulties

Vye Wilson vyeperman at gmail.com
Fri Aug 18 22:45:28 PDT 2006


Little update, I was able to test it on my sister's fbsd laptop outside
of a jail and I received the same results. So I think we can rule
jails out as the cause.

On 8/18/06, Vye Wilson <vyeperman at gmail.com> wrote:
> Hi all,
>
> I've recently decided to use OpenLDAP to centralize all of my ssh/ftp
> accounts. I seem to have it working but not completely.
> I'm having two problems. Foremost is that I can't id my ldap user as
> that ldap user. But I can id it as root on the same box. What gives?
>
> ----
> [I have no name!@locker ~]$ id vye
> id: vye: no such user
> [root@locker /]# id vye
> uid=10000(vye) gid=10000 groups=10000
> ----
>
> 'I have no name!' also hints to me that for some reason that user
> can't see its own id. This also breaks programs like scp and rsync
> that need to look up the user id. But the weird thing is in the error
> message it shows the id. I don't understand how it can be looking up
> the id in ldap (10000) but then it's unknown?
> ----
> vye$ scp file locker:
> Password:
> unknown user 10000
> lost connection
> ----
>
> I have a feeling that my ls and top core dumps are related to this
> issue. ls seems to only core dump when it needs user information...
>
> ----
> [I have no name!@locker ~]$ ls
> ls.core                 repos                   sftp-server.core        top.core
> [I have no name!@locker ~]$ ls -l
> Assertion failed: (cfg->ldc_uris[__session.ls_current_uri] != NULL),
> function do_init, file  ldap-nss.c, line 1312.
> Abort trap: 6 (core dumped)
> ----
>
> I just figured I'd mention that this box is a jail. I doubt that's the
> problem here, but I figured it was worth mentioning. Instead of
> clogging up this email I'll link my pam.d/ldap.conf files here:
> http://thevye.com/stuff/modifiedpamfiles and my ldap entries here:
> http://thevye.com/stuff/pamldapentries Hopefully they are of use...
>
> If anyone needs any additional information for troubleshooting just
> ask. After working on this on and off for a few weeks now I'm nothing
> short of _desperate_ to get this figured out. Any help at all will be
> greatly appreciated.
>
> --System Info:
> nss_ldap-1.251
> openldap-sasl-client-2.3.25
> openldap-server-2.3.25
> pam_ldap-1.8.2
> pam_mkhomedir-0.1
>
> FreeBSD locker.example.com 6.1-STABLE FreeBSD 6.1-STABLE #3: Fri Aug
> 11 20:53:42 UTC 2006
> vye@locker.example.com:/usr/obj/usr/src/sys/KERNEL  amd64
>
> SDBUG > *
>
> Thanks in advance...
> --Vye
>


-- 
--Vye

