[WBEL-users] xscreensaver/LDAP problem

Jim Buchanan bz73lg at eng.delcoelect.com
Tue Feb 1 06:25:52 CST 2005 

On Mon, Jan 31, 2005 at 04:00:41PM -0600, John Morris wrote:
> On Thu, 2005-01-27 at 08:19, Jim Buchanan wrote:
> 
> > The problem is that we can't find a way to get xscreensaver to unlock
> > using PAM/LDAP. We've tried everything we've thought of in the
> > /etc/pam.d/xscreensaver file, it seems to make no difference. I'm
> > wondering if the file is even read, as gross errors in the file do not
> > change how xscreensaver behaves.
> 
> Well, had a quick look and /usr/X11R6/bin/xscreensaver does link to
> libpam.  Other than that I'll let a wizard answer why it doesn't seem to
> actually be using pam.

I've been looking at the source and reading the documents referenced
in the comments.

The service passed to pam_start is xscreensaver, which is correct, or
at least what is needed for /etc/pam.d/xscreensaver to be read.

By using verbose mode (xscreensaver -nosplash -v), I see that when
authentication fails on an LDAP password, pam_authenticate() is
returning 7, "Authentication Failure".

Putting a bogus module in /etc/pam.d/xscreensaver file results in 28
"Module Unknown" from pam_authenticate(), indicating that
/etc/pam.d/xscreensaver is indeed being read. Kind of a roundabout
test, but I was more interested in the output of pam_authenticate at
that point.

Even with "auth  required  pam_bogus_module.so" in
/etc/pamd.d/xscreensaver I can unlock the screen using the NIS
password (NIS is still needed until we get everything authenticating
with LDAP).

> Eh?  Both the original 3.0 and the 3.0-Respin1 releases include
> xscreensaver-4.10-4.WB1.src.rpm and the updates tree has
> xscreensaver-4.10-8.WB1.src.rpm listed.

I'll have to look again, I've been wrong before, thanks for letting me
know this.

-- 
Jim Buchanan                                   bz73lg at eng.delcoelect.com
========================================================================
"I've been higher than stardust, I've been seen upon the sun.
 I used to count in millions then, now I only count in ones."
 -Ronnie James Dio
========================================================================

More information about the Whitebox-users mailing list