Solaris 8 compat mode

Aaron Spangler as at insight.rr.com
Sat Feb 8 16:29:59 EST 2003 

Hmm...

auth.debug should also include things like
pam_start()
pam_setitem()
and also the results of the individual pam modules that pam loads and unloads.
There should be more debugging available.

You might also ask yourself some questions such as:

1) Are you using a password that contains punctuation? These characters (such as
!@#$%^&* ) were the predicessors to kill, intr, suspend (^U, ^C, ^Z).  In some rare
cases on SVR4 based systems I have seen telnetd & rlogind treat these differently.

For example.  Telnet <remotebox>
login: <username>
password: <myp at ssword>

On some unpatched systems, the @ character means "erase to beginning of line" and
is treated like a ctrl-u.  So your real password is only "ssword".  Once you are
logged in, the profile usually corrects these stty setttings.

2) Also is your password more than 8 characters long?  In rare cases this causes
problems on solaris if you are using something other than crypt() for your
passwords.
Temporarily sprinkling a printf near the tgetpass() call in the auth/pam.c code
might also help debug what is going in and out of PAM.

I hope some of these fragments of thought give you some possible avenues to debug.

 - Aaron

Greene Jason-RB512C wrote:

> Yeah...I got that far...unfortunantly the output is not much help to me.
>
> Feb  6 12:20:55 machine1 sudo[504]: [ID 888916 user.debug] unix pam_sm_authenti
> cate(sudo rb512c), flags = 80000000
> Feb  6 12:21:00 machine1 sudo[504]: [ID 427203 user.debug] pam_authenticate: er
> ror Authentication failed
> Feb  6 12:21:00 machine1 sudo[504]: [ID 888916 user.debug] unix pam_sm_authenti
> cate(sudo rb512c), flags = 80000000
> Feb  6 12:21:05 machine1 sudo[504]: [ID 427203 user.debug] pam_authenticate: er
> ror Authentication failed
> Feb  6 12:21:05 machine1 sudo[504]: [ID 888916 user.debug] unix pam_sm_authenti
> cate(sudo rb512c), flags = 80000000
> Feb  6 12:21:09 machine1 sudo[504]: [ID 427203 user.debug] pam_authenticate: er
> ror Authentication failed
>
> -----Original Message-----
> From: Aaron Spangler [mailto:as at insight.rr.com]
> Sent: Thursday, February 06, 2003 5:48 PM
> To: Greene Jason-RB512C
> Cc: sudo-users at sudo.ws
> Subject: Re: Solaris 8 compat mode
>
> If you want to do pam debugging on solaris 8, do the following:
>
> 1) Add "auth.debug /etc/pam_debug" to /etc/syslog.conf
> 2) restart syslog
> 3) touch /etc/pam_debug
> 4) tail -f /etc/pam_debug &

More information about the sudo-users mailing list