|
From: | Hakanson, David J. |
Subject: | [Help-gnu-radius] PAM with GNU radius |
Date: | Fri, 30 Aug 2002 13:56:53 -0500 |
I am trying to set up a radius server (GNU radius) using PAM (krb5) for authentication. I am having problems doing radius auths since the account part fails. My pam radius file looks like:
auth sufficient /lib/security/pam_krb5.so use_authtok auth required /lib/security/pam_deny.so
account required /lib/security/pam_permit.so session required /lib/security/pam_permit.so
When I do a radius auth the authentication goes through without a problem but then denies me with the error: “pam_krb5: unable to determine uid/gid for user” and then “pam_krb5: authentication fails for user”. Is there any way that I can completely bypass the account/session portion of PAM? Since all I am doing is using PAM for authentication and not authorization I don’t need the uid/gid information at all. I also tried
“account [default=ignore success=ignore user_unknown=ignore service_err=ignore system_err=ignore] /lib/security/pam_unix.so”
and it did not help. Any ideas? Thanks,
David
|
[Prev in Thread] | Current Thread | [Next in Thread] |