Hi, Iam sorry my observation was wrong. I debugged the problem, it looks strange, these are my findings :
I have my PAM rules for my service as auth required /lib/security/pam_securetty.so auth required pam_stack.so service=system-auth auth required /lib/security/pam_nologin.so The pam_unix module returns authentication failure from pam_unix.so from pam_stack.so , hence the control reaches pam_nologin.so. The same rules work well with telnet/ftp , but fails for my service I have checked the username, password passed to PAM module by changing the sources of pam_nologin.so, they are proper. I didnt had sources for pam_unix, so iam not able to detect the exact problem. My suspect is that my application using my PAM service might have done some fd leaks or any other problem. But the max fds open by my application are 185 which is still below max limit(OPEN_MAX) Restarting the application resolves the problem and iam able to authenticate user can anyone help me what could be the problem. Thanks and Best Regards, On Wed, Feb 25, 2009 at 1:11 AM, Dag-Erling Smørgrav <[email protected]> wrote: > Ivan Grover <[email protected]> writes: > > Now, after upgrading PAM modules (pam_unix.so, pam_stack.so..) and > > library [...] > > Upgrading from what to what? > > Have you tried the standard debugging procedure? > > DES > -- > Dag-Erling Smørgrav - [email protected] > _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
