RE: Only guest login with 1.4.99 - complete message (first was tr uncated)

Subject: RE: Only guest login with 1.4.99 - complete message (first was tr uncated)
From: Michalowski Thierry (Thierry.Michalowski@edipresse.ch)
Date: Thu Oct 12 2000 - 12:11:46 EDT

• Next message: Jonathan Newman: "RE: Only guest login with 1.4.99 - complete message (first was truncated)"
• Previous message: Walt: "Re: Gigabit advice please"
• Next in thread: Jonathan Newman: "RE: Only guest login with 1.4.99 - complete message (first was truncated)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>The dhx binaries seem very small.

Indeed.

>What is the output of
>nm uams_dhx_pam.so

000002d4 t Letext
000012e0 A _DYNAMIC
000012d4 A _GLOBAL_OFFSET_TABLE_
00001338 A __bss_start
00001338 A _edata
00001338 A _end

>Is the configure script finding openssl? One way to check is to see
>if the config.h file generated has UAMS_DHX or OPENSSL_DHX defined.

Well, if I issue a "grep -i dhx config.h" this outputs:
/* #undef OPENSSL_DHX */
/* #undef UAM_DHX */

Which I suppose enables DHX since it does not disable it, but I may be wrong
in there?

>If you are "uncommenting" lines in the Makefile to make DHX work, then
>my guess is that the script isn't finding OpenSSL.

>Do you get cleartxt logins if you change the uams_clrtxt.so symlink to
>point to uams_passwd.so instead? e.g.

>uams_clrtxt.so -> uams_passwd.so

Well...
Your suggestion pushes the problem one step further, which is good.

I got cleartext login...which doesn't work, since netatalk says my password
is incorrect.
Anyway, I would think this is because shadow password support would not be
enabled by default (since PAM is supposed to be?). Just a guess...

Any further idea about why neither dhx nor randnum works with my account?

>Jon

-----Original Message-----
From: Michalowski Thierry [mailto:Thierry.Michalowski@edipresse.ch]
Sent: Thursday, October 12, 2000 6:28 AM
To: 'netatalk-admins@umich. edu (E-mail)'
Subject: Only guest login with 1.4.99 - complete message (first was
truncated)

Hi,
I grabbed the 1.4.99 source tarball on sourceforge and compiled then
installed it.
Everything ran smoothly...except one has to be root to 'make' the
package because it asks to create a temp file in /. Ok, this has
already been filed as a bug.
At atalk startup, everything loads but only one uam is loaded:
uams_guest.so . (This appears in the syslog).
So, I can see my Linux box in the chooser, I can connect trough TCP on
it, but only as guest. Which is a pity!
System is Debian "unstable" with Linux kernel 2.2.16 (Stormix).
openssl is installed.
I recompiled the uams, uncommenting the line concerning the
dhx-related ones in the Makefile.
Here follow some infos:
**************************
ls -l /etc/atalk/uams :
lrwxrwxrwx 1 root root 11 Oct 11 14:56
uams_clrtxt.so -> uams_pam.so
lrwxrwxrwx 1 root root 15 Oct 11 14:56 uams_dhx.so ->
uams_dhx_pam.so
-rw-r--r-- 1 root root 3374 Oct 11 14:44
uams_dhx_pam.so
-rw-r--r-- 1 root root 3381 Oct 11 14:44
uams_dhx_passwd.so
-rw-r--r-- 1 root root 20319 Oct 11 14:44 uams_guest.so
-rw-r--r-- 1 root root 3366 Oct 11 14:44 uams_pam.so
-rw-r--r-- 1 root root 25292 Oct 11 14:44 uams_passwd.so
-rw-r--r-- 1 root root 20498 Oct 11 14:44
uams_randnum.so
**************************
cat /etc/atalk/netatalk.conf:
# Appletalk configuration
# Change this to increase the maximum number of clients that can
connect:
AFPD_MAX_CLIENTS=20
# Change this to set the machine's atalk name and zone.
# NOTE: if you're zone has spaces in it, you're better off specifying
# it in afpd.conf
ATALK_ZONE=@LSN-DIP
ATALK_NAME=`echo ${HOSTNAME}|cut -d. -f1`
#ATALK_NAME=PCTHIERRY-LINUX
# specify this if you don't want guest, clrtxt, and dhx
# available options: uams_guest.so, uams_clrtxt.so, uams_dhx.so,
# uams_randnum.so
AFPD_UAMLIST="-U uams_clrtxt.so,uams_randnum.so,uams_dhx.so"
# Change this to set the id of the guest user
AFPD_GUEST=nobody
# Set which daemons to run (papd is dependent upon atalkd):
ATALKD_RUN=yes
PAPD_RUN=yes
AFPD_RUN=yes
# Control whether the daemons are started in the background
ATALK_BGROUND=no
**************************
cat /etc/atalk/netatalk.pamd
#%PAM-1.0
auth required /lib/security/pam_pwdb.so shadow
account required /lib/security/pam_pwdb.so
#password required /lib/security/pam_cracklib.so
#password required /lib/security/pam_pwdb.so shadow use_authtok
session required /lib/security/pam_pwdb.so
**************************
tail /etc/atalk/afpd.conf:
- -transall -uamlist
uams_dhx.so,uams_clrtxt.so,uams_randnum.so,uams_pam.so,uams_passwd.so,
uams_guest.so
**************************
/etc/atalk/atalkd.conf is empty (only comments)
**************************
tail /etc/atalk/AppleVolumes.default:
~
/export/MAC PARTAGE LINUX options:noadouble

Thanks if anyone has some clue!

--
Thierry Michalowski
Dev. Engineer - IT specialist
Edipresse Publications S.A.
33,av. de la gare
CH-1001 Lausanne
Tel: +41 21 349 46 26
Mobile: +41 79 611 79 05
Fax: +41 21 349 52 09

• Next message: Jonathan Newman: "RE: Only guest login with 1.4.99 - complete message (first was truncated)"
• Previous message: Walt: "Re: Gigabit advice please"
• Next in thread: Jonathan Newman: "RE: Only guest login with 1.4.99 - complete message (first was truncated)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b28 : Wed Jan 17 2001 - 14:32:22 EST