[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

pam_authenticate only works when logged in as root



We use pam_authenticate to authenticate users logging into our software product. On most systems, this has worked splendidly, however on one customer's installation, authentication only succeeds if the process calling pam_authenticate is running as root or else if the username being authenticated is the same as the process' UID.

For instance:

process running as 'someuser':
pam_authenticate "someuser" with correct password: SUCCESS
pam_authenticate "otheruser" with correct password: FAILURE
pam_authenticate "someuser" with incorrect password: FAILURE
pam_authenticate "otheruser" with incorrect password: FAILURE

process running as 'otheruser':
pam_authenticate "someuser" with correct password: FAILURE
pam_authenticate "otheruser" with correct password: SUCCESS
pam_authenticate "someuser" with incorrect password: FAILURE
pam_authenticate "otheruser" with incorrect password: FAILURE

process running as 'root':
pam_authenticate "someuser" with correct password: SUCCESS
pam_authenticate "otheruser" with correct password: SUCCESS
pam_authenticate "someuser" with incorrect password: FAILURE
pam_authenticate "otheruser" with incorrect password: FAILURE

In every case of FAILURE pam_strerror returns "Authentication failure"

They are using RedHat Enterprise 3 (kernel 2.4.20)

Their configuration (via authconfig):
(User Information Configuration):
Cache Information: no
Use NIS: no
Use LDAP: no
Use Hesiod: no

(Authentication Configuration):
Use Shadow Passwords: *YES*
Use MD5 Passwords: *YES*
Use LDAP Authentication: no
Use Kerberos 5: no
Use SMB Authentication: no

Any thoughts? Any suggestions where to look? I'm assuming it's some sort of file permission issue, but I can't figure out what it might be.

Steve Bush

--
Steve Bush (mazer1310 hotmail com)
"There was a point to this narrative, but it has presently escaped the chronicler's mind." --Douglas Adams



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]