[Bug 930916] Re: amavis start-stop script fails to stop amavisd

[Mike Conigliaro]

The changes in #8 work for me too.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to amavisd-new in Ubuntu.
https://bugs.launchpad.net/bugs/930916

Title:
  amavis start-stop script fails to stop amavisd

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/amavisd-new/+bug/930916/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 562388] [NEW] Authentication failure on successful login when using LDAP authentication

[Mike Conigliaro]

Public bug reported:

Binary package hint: libpam-ldap

I've configured LDAP authentication for my ubuntu 9.10 clients using the
following (recommended?) method:

# /usr/sbin/auth-client-config -p lac_ldap -t nss
# echo libpam-runtime libpam-runtime/profiles multiselect unix, ldap, 
consolekit | /usr/bin/debconf-set-selections
# /usr/sbin/pam-auth-update --package

Now LDAP authentication works fine, but I see authentication failures
like the following in my logs:

Apr 13 15:35:38 example01 sshd[15860]: pam_unix(sshd:auth): authentication 
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=example.com  user=mikec
Apr 13 15:35:38 example01 sshd[15860]: Accepted password for mikec from 1.2.3.4 
port 49507 ssh2
Apr 13 15:35:38 example01 sshd[15860]: pam_unix(sshd:session): session opened 
for user mikec by (uid=0)

As you can see, a failure message is always logged even though
authentication was successful. Is this the expected behavior?

I'm not a PAM expert, so I don't completely understand what's happening
in /etc/pam.d/common-auth, but since this only occurs for LDAP users, my
hunch is that local auth is attempted first (which fails and logs the
above error message), then LDAP auth is attempted and succeeds. If
that's the case, is there a way to suppress the failure from the local
auth attempt? This is important for packages like fail2ban which rely on
these log messages. At the moment, it's possible to get locked out of a
machine by having too many *successful* logins.

** Affects: libpam-ldap (Ubuntu)
 Importance: Undecided
 Status: New

** Summary changed:

- Authentication failures on sucessful login when using LDAP authentication
+ Authentication failure on successful login when using LDAP authentication

-- 
Authentication failure on successful login when using LDAP authentication
https://bugs.launchpad.net/bugs/562388
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libpam-ldap in ubuntu.

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs