On 15. nov. 2011 14:44, Stephen Gallagher wrote: > > It should be working with *just* PAMAuthentication. Can you check to see > if /var/log/secure is showing any errors during login? > > Also, please attach your /etc/pam.d/pure-ftpd > and /etc/pam.d/password-auth files so we can see if they're > misconfigured. >
Thanks (again) for helping out. The server is a completely fresh install of F16, so no config-files should be left from old installations. Auth is set up with authconfig. I do get an error from pam_unix when the user tries to log in - but I get that for all services: pure-ftp: Nov 14 14:01:22 poseidon pure-ftpd: pam_unix(pure-ftpd:auth): authentication failure; logname= uid=0 euid=0 tty=pure-ftpd ruser=olen rhost= user=olen Nov 14 14:01:23 poseidon pure-ftpd: pam_sss(pure-ftpd:auth): authentication success; logname= uid=0 euid=0 tty=pure-ftpd ruser=olen rhost= user=olen I get the same with dovecot: Nov 15 15:10:20 poseidon auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=olen rhost=::1 user=olen Nov 15 15:10:21 poseidon auth: pam_sss(dovecot:auth): authentication success; logname= uid=0 euid=0 tty=dovecot ruser=olen rhost=::1 user=olen /etc/pam.d/pure-ftpd #%PAM-1.0 # Sample PAM configuration file for Pure-FTPd. # Install it in /etc/pam.d/pure-ftpd or add to /etc/pam.conf auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed auth include password-auth auth required pam_shells.so auth required pam_nologin.so account include password-auth password include password-auth session required pam_loginuid.so session include password-auth /etc/pam.d/password-auth is a symlink to password-auth-ac /etc/pam.d/password-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_sss.so use_first_pass auth required pam_deny.so account required pam_unix.so broken_shadow account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 500 quiet account [default=bad success=ok user_unknown=ignore] pam_sss.so account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 type= password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok password sufficient pam_sss.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session optional pam_sss.so /Ola (T) -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
