[Cialug] SSSd Under Ubuntu Natty

Jonathan C. Bailey jbailey at co.marshall.ia.us
Thu Jun 2 16:31:34 CDT 2011


Hello,

I'm trying to set up SSSd under Ubuntu Natty (from https://launchpad.net/~fabricesp/+archive/experimental). So far, SSSd seems to work fine on its own (can authenticate users fine, etc). My problem is that having pam_sss and pam_unix enabled at the same time prevents me from logging in. auth.log shows a success message from pam_sss, then "Authentication Failure" (with no other helpful data). Using pam-auth-update to disable pam_unix (and use pam_sss only) results in a working config, but I still need local accounts.

The relevant common-auth (where I expect the problem is) is:
auth [success=2 default=ignore] pam_sss.so
auth [success=1 default=ignore] pam_unix.so nullok_secure try_first_pass
auth requisite pam_deny.so
auth required pam_permit.so

With pam_unix disabled (and then pam_sss works fine):
auth [success=1 default=ignore] pam_sss.so
auth requisite pam_deny.so
auth required pam_permit.so


Has anyone set up SSS or is enough of a PAM guru to take a stab at this?

-Jon


More information about the Cialug mailing list