|
From: | Pavel Pragin |
Subject: | [Nss-mysql-users] nss-mysql, pam, apache help |
Date: | Tue, 30 Oct 2007 15:34:30 -0700 |
I am having problems with PAM/MySQL authentication. I have no problems logging in to the svn server thought ssh
and authentication via the PAM server works. However when I use PAM to
authenticate through SVN I am getting DB errors in the logs. Looking at the
MySQL query logs I can see that the (Password) query that is being issued to
MySQL is incomplete. As far as I know all Apache and Pam config
files are correct. I decided to compare the mysql query logs on the currently
working server and the new not working server . This comparison is in the end
of the e-mail and this how I came to the conclusion that the query is
incomplete. Auth log on SVN server (svntest): Oct 29 03:46:08 svntest nss-mysql[9707]:
_nss_mysql_getspnam_r conf file parsing failed Oct 29 03:46:08 svntest nss-mysql[9707]: (pam_unix)
authentication failure; logname= uid=33 euid=33 tty= ruser=
rhost=192.168. 6.43 user=ppragin Oct 29 03:46:08 svntest nss-mysql[9707]: pam_mysql - MySQL
error(You have an error in your SQL syntax; check the manual that
c orresponds to your MySQL server version for the right syntax
to use near 'FROM WHERE user.user_name = 'ppragin'' at line 1) Apache log on SVN server(svntest): [Mon Oct 29 03:17:49 2007] [error] [client 192.168.]
(9)Bad file descriptor: Could not open password file: (null) [Mon Oct 29 03:17:52 2007] [error] [client 192.168.] PAM:
user 'ppragin' - not authenticated: Error in service module Mysql query log from Pam server when running svn
checkout from server (svntest): 131 Connect address@hidden on nss_mysql 131 Query select
user.user_name,user.uid,NULL,user.realname,user.shell,user.homedir,user.gid
from user where user.user_name='ppragin' and user.uid is not null and user.status
= 'A' order by user.uid 132 Connect address@hidden
on nss_mysql 132 Init DB nss_mysql 132 Query SELECT
FROM WHERE user.user_name = 'ppragin' 132 Quit Mysql query log from Pam server when running svn
checkout from server (newsvn): 753 Connect address@hidden on
nss_mysql 753 Query select
user.user_name,user.uid,NULL,user.realname,user.shell,user.homedir,user.gid
from user where user.user_name='ppragin' and user.uid is not null and user.status = 'A' order by
user.uid 753 Query select
user.user_name,user.uid,NULL,user.realname,user.shell,user.homedir,user.gid
from user where user.user_name='ppragin' and user.uid is not null and user.status = 'A' order by
user.uid 754 Connect address@hidden on
nss_mysql 754 Init DB nss_mysql 754 Query SELECT
user.Password FROM user WHERE user.user_name='ppragin' 754 Quit The difference: (svntest server)
132
Query SELECT FROM WHERE
user.user_name = 'ppragin' (newsvn server) 754
Query SELECT user.Password FROM user WHERE
user.user_name='ppragin' I can understand why “user.Password” is missing.
This is how the password is acquired from table “user” field
“Password”. This is why authentication is failing. One thing I
don’t understand is where the information provided for this query comes
from. I don’t see any mention of “user.Password”
in any of the config files. Maybe I am missing a step? Any ideas? Pavel
|
[Prev in Thread] | Current Thread | [Next in Thread] |