[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: redhat kerberos PAM

On Thu, Nov 09, 2000 at 04:13:44PM +1100, Brian May wrote:
> >>>>> "Brian" == Brian May <bam@snoopy.apana.org.au> writes:
>     Joel> I've managed to make Franck Cusack's PAM module work with
>     Joel> heimdal with only a small patch. You can find the module on
>     Joel> http://www.fcusack.com/ and my patch on
>     Joel> http://ns1.logidee.com/~joko/heimdal/
> I was playing around with this, but haven't been able to get it to work -
> the real killer was this:
> Nov  9 12:17:00 snoopy sshd[32542]: PAM unable to dlopen(/lib/security/pam_krb5.so)
> Nov  9 12:17:00 snoopy sshd[32542]: PAM [dlerror: /usr/lib/libroken.so.9: undefined symbol: res_search]
> Nov  9 12:17:00 snoopy sshd[32542]: PAM adding faulty module: /lib/security/pam_krb5.so

Wellll, this seems to indicate that that pam_krb5.so was not linked
properly, as res_search() is a function from the DNS resolver and, on
your host, that seems not to be in libc.

> So, now I am attempting to solve all the warnings. One seems a real
> problem:
> [902] [snoopy:bam] ~/source/notmine/pam-krb5-1.0/build >make pam_krb5_pass.o
> gcc -c -O2 -fPIC -Wall -I/opt/local/include pam_krb5_pass.c
> pam_krb5_pass.c: In function `pam_sm_chauthtok':
> pam_krb5_pass.c:72: warning: implicit declaration of function `error_message'
> pam_krb5_pass.c:131: warning: passing arg 5 of `krb5_get_init_creds_password' from incompatible pointer type
> This is because it defined pam_prompter as:
> krb5_error_code
> pam_prompter(krb5_context context, void *data, const char *name,
>              const char *banner, int num_prompts, krb5_prompt prompts[])

Cool! Hmmm, ok, I must take a look at this module now.

> Not sure where error_message is defined, no can I see any reference to
> res_search (this probably means I am missing a library).

Yes. On Solaris that would be libresolv.

> -- 
> Brian May <bam@snoopy.apana.org.au>