[Spacewalk-list] NOCpulse::SetID
Marcus Moeller
mail at marcus-moeller.de
Fri Nov 20 13:33:25 UTC 2009
Hi all.
We have some problems with NOCpulse::SetID and Kerberos/LDAP Authentication.
Our server is configured to allow uid <500 to be authenticated locally, in /etc/pam.d/system-auth:
auth requisite pam_succeed_if.so uid >= 500 quiet
gogo.pl (which makes use of SetID) is started with nocpulse username as parameter and the user id of nocpulse is 101 with gid 102. So, normally the Kerberos/LDAP Servers should not be queried.
A simple su - nocpulse from commandline works fine, too.
Despite, from a gogo.pl strace, SetID is continuously trying to access our LDAP servers
10291 getsockname(5, {sa_family=AF_INET, sin_port=htons(47740), sin_addr=inet_addr("xx.xx.xx.xx")}, [9583941490611060752]) = 0
10291 getpeername(5, {sa_family=AF_INET, sin_port=htons(389), sin_addr=inet_addr("yy.yy.yy.yy")}, [68719476752]) = 0
Any idea?
Best Regards
Marcus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3253 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20091120/98f29b9c/attachment.p7s>
More information about the Spacewalk-list
mailing list