Re: Problem dialing in w/AutoPPP/PAP! Help!
On Mon, Jan 26, 1998 at 01:53:01PM -0600, Jeff Noxon wrote:
> >
> > And it worked using pap-secrets:
> >
> > * hostname "" *
>
> FYI, I'm using lines like:
>
> jeff * "" *
> steve * "" *
> tom * "" *
>
> Since I don't want all my accounts to be PPP-able.
>
> > It doesn't work without the leading * (maybe it's a bug in the
> > pap-secrets parser, but it's not a real problem).
>
> I don't think that's a bug. I think the format is:
>
> <username> <hostname or asterisk> "<password>" <ip address?>
>
Right, but the manual says that the ip address can be absent, but it
can't.
> > I don't know if a ppp-shadow package will be needed or if there's
> > another way to build a debian package usable for SHADOW and not SHADOW
> > systems (i've started with debian development only to see what
> > happended with the ppp daemon, i'm sure that Phil should have the
> > answer, but as he states, maybe PAM support is the way to do it).
>
> I think the is the fundamental problem. You can't have it both ways
> without two different packages. *BUT* the PAM version *should* work
> both ways. IMHO there should only be a PAM version. Make that one work,
> and forget the rest. Is there a reason NOT to use PAM?
I don't know, but i think i've read messages telling PAM wasn't as
good as ist's supposed to be, i need to work with it to tell you.
> When I turned off Shadow to make PPP work, it broke checkpassword,
> a binary used by Qmail's POP3 daemon. I applied PAM patches to
> checkpassword, and it now functions correctly whether Shadow is enabled
> or not.
>
> > > It this the case with ppp-pam installed ?
> >
> > Yes, it fails for me, but i haven't used PAM before and i don't know
> > where is the problem. If time permits i'll try to find the bug in the
> > code.
>
> Since I have PAM working with checkpassword, I don't know why it isn't
> working with PPP.
I've found the point where the problem appears, but i've to read all
the PAM docs to understand it. Phil uses a null funcion called
'pam_conv' and he says it doesn't has to be called, but it is called
in the 'pam_authenticate()' function when validating the user. If
changed it to return PAM_SUCCESS but the pam_authenticate() generates
the same error: PAM_CONV_ERR.
I don't know where is the bug, but i think there's sometring wrong
in the way the PAM methods are called, maybe looking at some other PAM
enabled application will help ...
Cheers,
Sergio
--
=============================================================================
| Sergio Talens-Oliag, Systems & Network Administrator. |
| |
| Instituto Valenciano de Investigaciones Agrarias (IVIA) |
| Carretera Moncada - Naquera, Km. 4,5 Telf: +34 6 139 10 00 |
| Apartado Oficial, 46113 Moncada (Valencia) mailto:sto@ivia.es |
| SPAIN http://www.ivia.es/~sto |
=============================================================================
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: