-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Valerio Daelli wrote: | On Mon, Mar 17, 2008 at 5:03 PM, Daniel Bond <[EMAIL PROTECTED]> wrote: |> -----BEGIN PGP SIGNED MESSAGE----- |> Hash: SHA1 |> |> Hi, |> Now, if I uncomment the line with pam_mkhomedir.so on it, logins stop to |> work. In /var/log/auth.log I now see two lines appearing: |> |> Mar 17 16:46:40 webmail sshd[98923]: nss_ldap: could not search LDAP |> server - Server is unavailable |> Mar 17 16:46:40 webmail sshd[98923]: error: PAM: pam_open_session(): |> error in service module | | Hi | not sure if this may solve your problem. We found a similar problem | on FreeBSD 7.0 with pam_mkhomedir.so and sshd. We solved using pam_exec.so | and a custom shell script to create the home directories. | Hope this help | | Valerio Daelli | _______________________________________________ | [email protected] mailing list | http://lists.freebsd.org/mailman/listinfo/freebsd-stable | To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Hi, thanks for the quick reply. This is a workaround that addresses the issue of users homedir not existing upon login-time, but there seems to be a serious problem in the underlying pam_ldap/nss_ldap modules somewhere. I've noticed after posting the previous post that ssh-pubkey/ssh-password authentication no longer works with PAM/ldap-setups, which I need for our external developers. I *really* want to find the underlying issue in this case, and resolve it. I have got some days off in the easter where I will look deeper into it, hoping to find an underlying issue, and create a patch. My only concern is not being able to find the bug, so I'm very happy for any suggestions on how to track this down, or any suspicions to what could be causing the problem. Cheers and happy Easter, Daniel Bond. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH35POUR3pKhqN0EoRApSkAJ9ywSzttH+VJTRrVQLtRvIXcwvyJgCeKkcO BuqV2YXaP+u8ve4tbyfInj8= =YMBU -----END PGP SIGNATURE----- _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
