LDAP-Auth does not work correctly with systemd

#1 darktux, 03-02-2014

Hi,

Since the upgrade to Gnome 3.6 (now I have 3.8), authentication over LDAP has stopped working. The whole machine does not start anymore. The machine boots, but there is no gdm and no X. I can log in as root, but then the tty hangs. When I look at ttyF12 I see a lot of systemd services that run randomly, start and stop, start and stop.

The only way to avoid the problem is to overwrite nsswitch.conf at shutdown with:


Code:
passwd:      compat
shadow:      compat
group:       compat

When the machine is starting, the file is overwritten with this:


Code:
passwd:      compat ldap [notfound=continue]
shadow:      compat ldap [notfound=continue]
group:       compat ldap [notfound=continue]

So it works, but at this time I see no users in GDM. I can log in at a TTY but not in GDM. The only way to solve this is to set the LDAPuserID in passwd for each user. Crazy.
I have tried a lot of things to solve this, but I haven't found a solution. Here are my files:

nsswitch.conf

Code:
passwd:      compat ldap [notfound=continue]
shadow:      compat ldap [notfound=continue]
group:       compat ldap [notfound=continue]

#passwd:      compat
#shadow:      compat
#group:       compat

hosts:       files dns mdns6
networks:    files dns mdns6

services:    db files
protocols:   db files
rpc:         db files
ethers:      db files
netmasks:    files
netgroup:    files
bootparams:  files

automount:   files
aliases:     files

/etc/pam.d/system-auth

Code:
auth            sufficient      pam_ldap.so
#auth            sufficient      pam_ldap.so use_first_pass
auth            required        pam_env.so
auth            sufficient      pam_unix.so try_first_pass likeauth nullok
auth            required        pam_deny.so
#auth           optional        pam_permit.so

account         sufficient      pam_ldap.so
account         required        pam_unix.so
#account                optional        pam_permit.so

password        sufficient      pam_ldap.so use_authtok use_first_pass
password        required        pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
password        sufficient      pam_unix.so try_first_pass use_authtok nullok sha512 shadow
auth            required        pam_deny.so
#password       optional        pam_permit.so

session         required        pam_limits.so
session         required        pam_env.so
session         required        pam_unix.so
session         optional        pam_ldap.so
session         required        pam_mkhomedir.so skel=/etc/skel umask=0077
#session                optional        pam_permit.so
session        optional        pam_systemd.so

I hope someone can help me.
Thanks and Regards.
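
Added example (not part of the original post, and not code from any project mentioned in the thread): a small Python linter that walks a PAM stack like the system-auth file above and reports modules bypassed by an earlier `sufficient` entry, a line whose type does not match its block, and `nullok` on an auth module. `SAMPLE` is an abridged copy constructed from the posted file; `parse_pam` and `audit` are hypothetical helper names.

```python
# Added example: static review of a PAM stack. SAMPLE is constructed from the
# system-auth file in the post above (abridged, commented-out lines dropped).
SAMPLE = """\
auth      sufficient  pam_ldap.so
auth      required    pam_env.so
auth      sufficient  pam_unix.so try_first_pass likeauth nullok
auth      required    pam_deny.so
account   sufficient  pam_ldap.so
account   required    pam_unix.so
password  sufficient  pam_ldap.so use_authtok use_first_pass
password  required    pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
password  sufficient  pam_unix.so try_first_pass use_authtok nullok sha512 shadow
auth      required    pam_deny.so
session   required    pam_limits.so
session   optional    pam_ldap.so
"""

def parse_pam(text):
    """Return (type, control, module, args) tuples; comments and blanks are skipped."""
    entries = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 3:
            entries.append((fields[0], fields[1], fields[2], fields[3:]))
    return entries

def audit(entries):
    """Flag stray types, modules bypassed by 'sufficient', and nullok on auth."""
    findings, seen, prev = [], [], None
    for i, (mtype, control, module, args) in enumerate(entries):
        # A type that reappears after its block has ended is usually a typo.
        if mtype != prev and mtype in seen:
            findings.append(f"stray: {mtype} {module} sits after the {prev} block")
        if mtype not in seen:
            seen.append(mtype)
        prev = mtype
        # A successful 'sufficient' module ends the stack for that type, so
        # later required/requisite modules of the same type never run.
        if control == "sufficient":
            for t, c, m, _ in entries[i + 1:]:
                if t == mtype and c in ("required", "requisite") and m != "pam_deny.so":
                    findings.append(f"skipped: {mtype} {m} when {module} succeeds")
        # nullok lets pam_unix authenticate accounts whose password is blank.
        if mtype == "auth" and "nullok" in args:
            findings.append(f"nullok: auth {module} permits blank passwords")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_pam(SAMPLE)):
        print(finding)
```

On the posted file it reports that `pam_cracklib.so` is bypassed whenever `pam_ldap.so` accepts a password change, and that the last `pam_deny.so` of the password block is typed as `auth`.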
#2 Perderabo (Forum Staff), 03-04-2014
I don't use Gentoo. I don't use systemd either. I think it is supposed to start services on demand and harvest unused ones. But it sounds like you have ldap screwed up. Have you checked your ldap.conf file? On RedHat it is /etc/ldap.conf.