xscreensaver
On Wed, Apr 23, 2008 at 06:36:02AM +1000, Alex Samad wrote:
> Hi
>
> I use xscreensaver 5.05-1, and I am using ldap users (nss-ldapd &
> pam-ldap). Just recently I have noticed that when I unlock xscreensaver
> I get
>
> permissions on the password database maybe too restrictive
>
> not sure where to look for this, xscreensaver seems to be the only app
> having problems
>
>
> I can
> getent passwd alex
> getent passwd
> getent groups
> id
> id alex
>
> but I have just realised I can't
> getent shadow
> getent shadow alex
>
> i see nothing,
>
> but I can
> sudo getent shadow
>
> I presume that is normal
>
>
I turned on xscreensaver verbose flag and found this
pam_conversation (...) ==> PAM_SUCCESS
xscreensaver: 06:43:16: pam_conversation (TEXT_INFO="Permissions on
the password database may be too restrictive.") .
this is in my common-auth
auth [success=1 default=ignore] pam_unix2.so
auth required pam_ldap.so use_first_pass
auth required pam_permit.so
I have added some debugging
with
auth [success=1 default=ignore] pam_unix2.so debug
and I have this in my logs now
Apr 23 06:54:58 hufpuf xscreensaver: pam_unix2(xscreensaver:auth):
pam_sm_authenticate() called
Apr 23 06:54:58 hufpuf xscreensaver: pam_unix2(xscreensaver:auth):
username=[alex]
Apr 23 06:54:59 hufpuf xscreensaver: pam_unix2(xscreensaver:auth): wrong
password, return PAM_AUTH_ERR
Apr 23 06:55:00 hufpuf xscreensaver: pam_unix2(xscreensaver:setcred):
pam_sm_setcred() called
Apr 23 06:55:00 hufpuf xscreensaver: pam_unix2(xscreensaver:setcred):
username=[alex]
Apr 23 06:55:00 hufpuf xscreensaver: pam_unix2(xscreensaver:setcred):
pam_sm_setcred: PAM_SUCCESS
Not sure who to report a bug against
Alex
|
