Issue #3124: pam_sss system error 4 - sssd

SSSD / sssd

#3124 pam_sss system error 4

Closed: Invalid None Opened 7 years ago by jshim10.

Hi,
I can log in with SSH but not with local console.

Here's my /var/log/secure

{{{Aug 4 12:15:39 localhost login: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost= user=jshim10
Aug 4 12:15:39 localhost login: pam_sss(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost= user=jshim10
Aug 4 12:15:39 localhost login: pam_sss(login:auth): received for user jshim10: 4 (System error)
Aug 4 12:15:41 localhost login: FAILED LOGIN 1 FROM tty1 FOR jshim10, Authentication failure

Here's my /etc/pam.d/system-auth

#%PAM-1.0
auth        required      pam_env.so
auth        sufficient    pam_unix.so nullok try_first_pass
auth        requisite     pam_succeed_if.so uid >= 1000 quiet_success
#auth        sufficient    pam_krb5.so use_first_pass
auth        sufficient    pam_sss.so use_first_pass
auth        required      pam_deny.so

account     required      pam_access.so
account     required      pam_unix.so broken_shadow
account     sufficient    pam_localuser.so
account     sufficient    pam_succeed_if.so uid < 1000 quiet
#account     [default=bad success=ok user_unknown=ignore] pam_krb5.so
account     [default=bad success=ok user_unknown=ignore] pam_sss.so
account     required      pam_permit.so

password    requisite     pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=
password    sufficient    pam_unix.so sha512 shadow nullok try_first_pass use_authtok
#password    sufficient    pam_krb5.so use_authtok
password    sufficient    pam_sss.so use_authtok
password    required      pam_deny.so

session     optional      pam_keyinit.so revoke
session     required      pam_limits.so
-session     optional      pam_systemd.so
session     optional      pam_oddjob_mkhomedir.so umask=0077
session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session     sufficient    pam_sss.so
session     required      pam_unix.so
#session     optional      pam_krb5.so

I'm using id_provider ldap, and auth_provider krb5

jhrozek commented 7 years ago

I'm sorry but there is no useful debugging information in this ticket. Please follow https://fedorahosted.org/sssd/wiki/Troubleshooting and https://fedorahosted.org/sssd/wiki/Reporting_sssd_bugs and attach the domain log and krb5_child.log

jhrozek commented 7 years ago

There was no reply for almost two weeks, closing.

resolution: => worksforme
status: new => closed

Metadata Update from @jshim10:
- Issue set to the milestone: NEEDS_TRIAGE

7 years ago

pbrezina commented 3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4157

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

major

Milestone

NEEDS_TRIAGE

type

defect

component

SSSD

version

1.13.0

selected

None

testsupdated

patch

rhbz

None

design_review

review

changelog

None

keywords

None

coverity

None

mark

blocking

None

design

None

sensitive

None

blockedby

None

feature_milestone

None

SSSD / sssd

Source Code

Documentation

#3124 pam_sss system error 4 Closed: Invalid None Opened 7 years ago by jshim10.

Metadata

#3124 pam_sss system error 4

Closed: Invalid None Opened 7 years ago by jshim10.