Yes, I have both of these options enabled: logdir <somedir> debug 256
The logdir is filled with empty files that, in the name of the file, has the pid of the pam process. However, these files are empty and they do not have anything in them. Thoughts? -james On Fri, Nov 5, 2010 at 12:49, Ward Poelmans <[email protected]> wrote: > On Fri, Nov 5, 2010 at 17:41, James <[email protected]> wrote: >> It seems that the LDAP is failing to work, as well, in CentOS 5 -- >> same ldap.conf file that (a) fails in Gentoo, and (b) works in Ubuntu. >> >> What's the best way to star troubleshooting this from a PAM perspective? >> >> I have a debug line set at the bottom of the ldap.conf file, but that >> doesn't seem to be giving me enough information. Also, I've set >> 'debug' at the end of every line in my /etc/pam.d/system-auth file, to >> no avail. Nothing is showing up in /var/log/debug -- PAM indicates >> that the 'debug' keyword sends messages to syslog for processing. > > adding the debug keyword to the pam module doesn't do anything but in > ldap.conf: > logdir <directory> > Specifies the directory used for logging by the LDAP client > library. This feature is not supported by all client libraries. > debug <level> > Specifies the debug level used for logging by the LDAP client > library. This feature is not supported by all client libraries, and > does not apply to the nss_ldap and pam_ldap modules themselves > (debugging, if any, is configured separately and usually at compile > time). > > Ward > >
