Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Weird Authentication Failure



On Wed, May 26, 2010 at 4:36 PM, Richard Pieri <richard.pieri-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote:
> I have a batch of Intel boxes running Scientific Linux 4.4 (a re-spin of RHELv4.4) that I am in the process of updating to SL 5.4 (a re-spin of RHELv5.4). ?We have a bunch of visitor accounts (ie "vis101") that work on the 4.4 machines but not the 5.4 machines. ?These accounts exist in LDAP & Kerberos, they are identical to the regular accounts used by permanent people.
>
> Now, here's the wacky thing. ?All of the LDAP and Kerberos data is correct. ?If I log in as root, su to the account and kinit, the authentication works. ?I can ?generate tickets as that principle, do everything normally. ?If I log in as myself (non-root) and su, I get an invalid password error. ?I get the same error if I try to log in on console or via SSH. ?I suspect something in PAM but I cannot for the life of me identify it.
>
> Any thoughts as to where to go poking around for configuration changes or fixes?

First, I would try to figure out why root can "su" to these accounts
and your regular account can't.  Maybe try
running it under "strace" and see how the system call patterns differ.

Bill Bogstad







BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org