On Wed, Mar 16, 2016 at 11:12:24PM -0000, Josh England wrote: > /var/log/secure has this: > Mar 16 15:26:39 gen1 sshd[27930]: pam_unix(sshd:session): session opened for > user josh by (uid=0)
Can you check /etc/ssh/sshd_config if 'UsePAM' is accidentally set to 'no'? It must be 'yes'. Can you check if there is a user in /etc/passwd called 'joebob' ? HTH bye, Sumit > > It's coming from pam_unix though, not pam_sss. I do have pam_sss in the pam > stack (see original post), and the exact same config works on another system. > My sssd_pam.log shows this: > > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_cmd_open_session] (0x0100): > entering pam_cmd_open_session > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [sss_parse_name_for_domains] (0x0200): > name 'joebob' matched without domain, user is joebob > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): command: > PAM_OPEN_SESSION > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): domain: not > set > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): user: joebob > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): service: > sshd > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): tty: ssh > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): ruser: not > set > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): rhost: > fadmin1-24.tgsw > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): authtok > type: 0 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): newauthtok > type: 0 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): priv: 1 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: > 28220 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): logon name: > joebob > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [sss_ncache_check_str] (0x2000): > Checking negative cache for [NCE/USER/ldap/joebob] > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_initgr_check_timeout] (0x4000): > User [joebob] not found in PAM cache. > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [sss_dp_issue_request] (0x0400): > Issuing request for [0x40d1c0:3:joebob@ldap] > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [sss_dp_get_account_msg] (0x0400): > Creating request for [ldap][3][1][name=joebob] > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x18a4ec0 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [sss_dp_internal_get_send] (0x0400): > Entering request [0x40d1c0:3:joebob@ldap] > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [sbus_remove_timeout] (0x2000): > 0x18a4ec0 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn: > 0x18a5e00 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [sbus_dispatch] (0x4000): Dispatching. > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [sss_dp_get_reply] (0x1000): Got reply > from Data Provider - DP error code: 0 errno: 0 error message: Success > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_check_user_search] (0x0100): > Requesting info for [joebob@ldap] > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [ldb] (0x4000): Added timed event > "ltdb_callback": 0x18b2e30 > > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [ldb] (0x4000): Added timed event > "ltdb_timeout": 0x18a5c20 > > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [ldb] (0x4000): Running timer event > 0x18b2e30 "ltdb_callback" > > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [ldb] (0x4000): Destroying timer event > 0x18a5c20 "ltdb_timeout" > > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [ldb] (0x4000): Ending timer event > 0x18b2e30 "ltdb_callback" > > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_check_user_search] (0x0400): > Returning info for user [joebob@ldap] > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_initgr_cache_set] (0x2000): > [joebob] added to PAM initgroup cache > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_dp_send_req] (0x0100): Sending > request with the following data: > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): command: > PAM_OPEN_SESSION > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): domain: ldap > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): user: joebob > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): service: > sshd > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): tty: ssh > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): ruser: not > set > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): rhost: > fadmin1-24.tgsw > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): authtok > type: 0 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): newauthtok > type: 0 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): priv: 1 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: > 28220 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_print_data] (0x0100): logon name: > joebob > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x18ae680 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_dom_forwarder] (0x0100): > pam_dp_send_req returned 0 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [sss_dp_req_destructor] (0x0400): > Deleting request: [0x40d1c0:3:joebob@ldap] > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [sbus_remove_timeout] (0x2000): > 0x18ae680 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn: > 0x18a5e00 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [sbus_dispatch] (0x4000): Dispatching. > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_dp_process_reply] (0x0100): > received: [0][ldap] > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_reply] (0x0200): pam_reply called > with result [0]. > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [pam_reply] (0x0200): blen: 21 > (Wed Mar 16 15:36:51 2016) [sssd[pam]] [reset_idle_timer] (0x4000): Idle > timer re-set for client [0x18b3aa0][19] > (Wed Mar 16 15:36:55 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn: > 0x18a4c70 > (Wed Mar 16 15:36:55 2016) [sssd[pam]] [sbus_dispatch] (0x4000): Dispatching. > (Wed Mar 16 15:36:55 2016) [sssd[pam]] [sbus_message_handler] (0x4000): > Received SBUS method [ping] > (Wed Mar 16 15:36:55 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000): > Not a sysbus message, quit > (Wed Mar 16 15:36:55 2016) [sssd[pam]] [sbus_handler_got_caller_id] (0x4000): > Received SBUS method [ping] > (Wed Mar 16 15:36:56 2016) [sssd[pam]] [pam_initgr_cache_remove] (0x2000): > [joebob] removed from PAM initgroup cache > > -JE > > P.S. sorry if this is a repost > _______________________________________________ > sssd-users mailing list > [email protected] > https://lists.fedorahosted.org/admin/lists/[email protected] _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/admin/lists/[email protected]
