calling pam_sm_open_session

["Kelli Wolfe" <kelli inlet com>]

Hi all,

I'm back to debugging my telnet not working with LDAP problem.
We're using RedHat 6.2, OpenLDAP 1.2.10, pam_ldap-70, nss_ldap-113.

When I attempt to telnet from machine bb to aa, /var/log/messages
on the client machine (aa) looks like telnet is working, the
session is opened and the messages look the same as if I was
logging in at the console.  Except the exit status 1 happens
immediately and I get "Connection closed by foreign host."

Looking into the code for pam_pwdb, the function opening the
connection (pam_sm_open_session) has to be returning success.
So, I'm looking for what initially calls pam_sm_open_session.
Is it called directly from inetd?  I'm trying to understand
how PAM gets integrated into the OS.

Thank you for any direction you can offer,
Kelli
-------------

Supporting material:

I can login with an LDAP account or a system account at the console.
I cannot telnet with either account.

/aa//var/log/messages
Sep 22 14:00:47 aa login: exiting pam_sm_acct_mgmt 0
Sep 22 14:00:47 aa PAM_pwdb[9139]: (login) session opened for user josie by
(uid=0)
Sep 22 14:00:47 aa inetd[472]: pid 9138: exit status 1

/aa//etc/pam.d/login looks like this:
#%PAM-1.0
auth       required     /lib/security/pam_securetty.so
auth       required     /lib/security/pam_nologin.so
auth       sufficient   /lib/security/pam_ldap.so
auth       required     /lib/security/pam_pwdb.so shadow use_first_pass
account    sufficient   /lib/security/pam_ldap.so
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so
password   sufficient   /lib/security/pam_ldap.so use_authtok md5
password   required     /lib/security/pam_pwdb.so shadow md5 use_authtok
use_first_pass
session    required     /lib/security/pam_pwdb.so
session    required     /lib/security/pam_limits.so