Re: Pam Errors
Here we go
root@winetka:~# cat /etc/pam.d/common-*
#
# /etc/pam.d/common-account - authorization settings common to all
# services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authorization modules that define
# the central access policy for use on the system. The default is to
# only deny service to users whose accounts are expired in /etc/shadow.
#
account required pam_unix.so
#
# /etc/pam.d/common-auth - authentication settings common to all
# services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authentication modules that define
# the central authentication scheme for use on the system
# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
# traditional Unix authentication mechanisms.
#
auth required pam_unix.so nullok_secure
#
# /etc/pam.d/common-password - password-related modules common to all
# services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define the services to be
#used to change user passwords. The default is pam_unix
# The "nullok" option allows users to change an empty password, else
# empty passwords are treated as locked accounts.
#
# (Add `md5' after the module name to enable MD5 passwords)
#
# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
# login.defs. Also the "min" and "max" options enforce the length of
# the
# new password.
password required pam_unix.so nullok obscure min=4 max=8 md5
# Alternate strength checking for password. Note that this
# requires the libpam-cracklib package to be installed.
# You will need to comment out the password line above and
# uncomment the next two in order to use this.
# (Replaces the `OBSCURE_CHECKS_ENAB', `CRACKLIB_DICTPATH')
#
# password required pam_cracklib.so retry=3 minlen=6 difok=3
# password required pam_unix.so use_authtok nullok md5
#
# /etc/pam.d/common-session - session-related modules common to all
# services
#
# This file is included from other service-specific PAM config
# files,
# and should contain a list of modules that define tasks to be
# performed
# at the start and end of sessions of *any* kind (both interactive
# and
# non-interactive). The default is pam_unix.
#
session required pam_unix.so
root@winetka:~# cat /etc/pam.d/common-*
#
# /etc/pam.d/common-account - authorization settings common to all
# services
#
# This file is included from other service-specific PAM config
# files,
# and should contain a list of the authorization modules that define
# the central access policy for use on the system. The default is
# to
# only deny service to users whose accounts are expired in
# /etc/shadow.
#
account required pam_unix.so
#
# /etc/pam.d/common-auth - authentication settings common to all
# services
#
# This file is included from other service-specific PAM config
# files,
# and should contain a list of the authentication modules that
# define
# the central authentication scheme for use on the system
# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use
# the
# traditional Unix authentication mechanisms.
#
auth required pam_unix.so nullok_secure
#
# /etc/pam.d/common-password - password-related modules common to
# all services
#
# This file is included from other service-specific PAM config
# files,
# and should contain a list of modules that define the services to
# be
#used to change user passwords. The default is pam_unix
# The "nullok" option allows users to change an empty password,
# else
# empty passwords are treated as locked accounts.
#
# (Add `md5' after the module name to enable MD5 passwords)
#
# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB'
# option in
# login.defs. Also the "min" and "max" options enforce the length
# of the
# new password.
password required pam_unix.so nullok obscure min=4 max=8 md5
# Alternate strength checking for password. Note that this
# requires the libpam-cracklib package to be installed.
# You will need to comment out the password line above and
# uncomment the next two in order to use this.
# (Replaces the `OBSCURE_CHECKS_ENAB', `CRACKLIB_DICTPATH')
#
# password required pam_cracklib.so retry=3 minlen=6
# difok=3
# password required pam_unix.so use_authtok nullok md5
#
# /etc/pam.d/common-session - session-related modules common to
# all services
#
# This file is included from other service-specific PAM config
# files,
# and should contain a list of modules that define tasks to be
# performed
# at the start and end of sessions of *any* kind (both
# interactive and
# non-interactive). The default is pam_unix.
#
session required pam_unix.so
root@winetka:~#
And here is pam.conf
Contains nothing
# ---------------------------------------------------------------------------#
# /etc/pam.conf
# #
# ---------------------------------------------------------------------------#
#
# NOTE
# ----
#
# NOTE: Most program use a file under the /etc/pam.d/ directory to setup
# their
# PAM service modules. This file is used, but not recommended
# ---------------------------------------------------------------------------#
# Format:
# serv. module ctrl module [path] ...[args..]
# #
# name type flag
On Thu, Nov 25, 2004 at 08:26:16PM -0500, Adam Aube wrote:
> Simon Collyer wrote:
>
> > I seem to be having some issues with Pam correctly working on
> > my debian sarge system.
>
> > I had pam working for smtp auth, samba etc but now I cannot
> > authenticate using these systems, even su brings up errors
>
> > root@winetka:~# passwd libby
> > passwd: Authentication service cannot retrieve authentication info.
>
> Post the contents of the /etc/pam.d/common-* files, and if /etc/pam.conf has
> any uncommented lines, post that as well.
>
> Adam
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: