Re: [hylafax-users] Hylafax+ 5.1.1 with pam_winbind Debian

[Rick Romero <rick@xxxxxxxxxxxx>]

On Mon, 2007-04-09 at 12:32 -0700, Lee Howard wrote:
> Rick Romero wrote:
> 
> >Apr  9 10:13:33 localhost hfaxd[32636]: pam_authenticate failed in
> >pamCheck with 0x7: Authentication failure
> >Apr  9 10:13:33 localhost *** glibc detected *** corrupted double-linked
> >list: 0x08098018 ***
> >
> 
> The error "pam_authenticate failed in pamCheck with 0x7: Authentication 
> failure" is fairly clear.  pam_authenticate (PAM function to 
> authenticate the user/pass) is failing and returning 0x7 which, 
> translated, means "Authentication failure".  And that's perhaps a fairly 
> generic-sounding error-message to get from a "pam_authenticate" 
> function, but it typically just means that your username or password are 
> not matching up.  In any case, the authentication failure is a matter to 
> resolve with your underlying PAM configuration or authentication mechanism.

I would concur, and just to be sure, I'm able to authenticate via ssh
using pam_winbind.  I get kicked out for some reason (no shell?), but my
home directory is created per the mk_homedir module.  AFAICT, the pam
module is functional per the auth.log:

Apr  9 16:03:40 localhost pam_winbind[20801]: user 'ricktest' granted
access
Apr  9 16:03:40 localhost sshd[20798]: Accepted keyboard-interactive/pam
for ricktest from 127.0.0.1 port 32855 ssh2
Apr  9 16:03:40 localhost sshd[20802]: (pam_unix) session opened for
user ricktest by (uid=0)
Apr  9 16:03:40 localhost sshd[20802]: (pam_unix) session closed for
user ricktest

Trying Hylafax immediately afterwards gives me:

Apr  9 16:04:04 localhost HylaFAX[20756]: (pam_unix) authentication
failure; logname= uid=0 euid=0 tty= ruser= rhost=172.16.1.82
user=ricktest
  (I assume this is the 'blank' password try)
Apr  9 16:04:04 localhost pam_winbind[20756]: user 'ricktest' granted
access
Apr  9 16:04:06 localhost HylaFAX[20756]: (pam_unix) auth could not
identify password for [ricktest]
Apr  9 16:04:06 localhost pam_winbind[20756]: Could not retrieve user's
password

My syslog, which is what I pasted before, still shows the same:
Apr  9 16:04:04 localhost HylaFAX[20756]: PAM checking user "ricktest"
pass "test123!" from "172.16.1.82"
Apr  9 16:04:06 localhost hfaxd[20756]: pam_authenticate failed in
pamCheck with 0x7: Authentication failure
Apr  9 16:04:06 localhost HylaFAX[20756]: Login failed from
programmingts.nmsasap.com [172.16.1.82], ricktest
Apr  9 16:04:06 localhost HylaFAX[20756]: PAM checking user "ricktest"
pass "(null)" from "172.16.1.82"
Apr  9 16:04:06 localhost hfaxd[20756]: pam_authenticate failed in
pamCheck with 0x13: Conversation error

Which definitely looks like a Pam error, when not combined with the
auth.log and working ssh :/

> As for the "corrupted double-linked list" message ... that indicates 
> either a bug in HylaFAX code or in the PAM library... but it's probably 
> benign, and will probably not be there when you resolve your PAM issue.

I'm sure it's not benign, as it completely kills the open connection.
JHylafax crashes as if the connection was closed by the hylafax server.

> I've just run HylaFAX+ 5.1.2 hfaxd under valgrind and reproduced the 
> pam_authenticate error (by typing in a bogus password), but I didn't see 
> anything that would warn me of a corrupted pointer list.  So, you may 
> want to try updating your PAM library.

I did that too.  It's possible pam_winbind wasn't working before I've
made my latest changes, but now I've got SSH working, so there has to be
something fishy with Hylafax.

Rick


____________________ HylaFAX(tm) Users Mailing List _______________________
  To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
 On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null
  *To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*