[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM 0.75 and gdm 2.2.4


On Sat, 8 Sep 2001, S. Park wrote:

> I've been using PAM 0.75 since I installed Linux From Scratch on one of
> my workstation, and recently tried to upgrade gdm (>= since it
> has nested servers feature. However, PAM refuses to "setcred" for gdm
> login. With some digging up the source codes what I found was that gdm
> now separated authentification and open session w/ setcred in different
> functions with some reasons related to setgid, etc.

> I tried to make a simple program mimicking the structure of gdm w/ some
> sample codes in the PAM sources:
> The main point is the first routine containing authentification ends
> with pam_end call. Now this program promtly failed at the second
> function which tried to setcred after pam_start call. The error code was
> 6 (I think it is NO PERMISSION?)  I ran this program on a RH 7.1 which
> use PAM 0.74, and it succeeded. I downgraded my PAM installation on the
> LFS machine to 0.74, and the program works.

Hmm.  This is rather unfortunate.  GDM should *not* be calling pam_end()
between the calls to pam_authenticate() and pam_setcred(); the pam_handle
created by pam_start() is used by PAM to store internal state which must be
retained between PAM calls.

What does your PAM config look like for the gdm service (/etc/pam.d/gdm)?  It
is probably a specific PAM module that's failing in your case, rather than the
PAM library itself.

Steve Langasek
postmodern programmer

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []