What configuration file does ocserv read for PAM settings?

Tony Zhou tonytzhou at gmail.com
Thu Nov 14 07:36:42 EST 2013

Hi Nikos,

I edited the /etc/pam.d/ocserv to add the debug option:
auth    required        /lib/security/pam_radius_auth.so        debug

and what I got in log is just one line more, after auth init:
Nov 14 21:31:21 hostname ocserv[12784]: [client.ip.addr]:44236 auth init 
for user 'tony' from '[client.ip.addr]:44236'
Nov 14 21:31:21 hostname ocserv[12784]: pam_radius_auth: Got user name tony

so I think there's might be something wrong with my configuration of 
pam_radius to radius itself. Trying to mess with 


On 11/14/2013 7:33 AM, Nikos Mavrogiannopoulos wrote:
> On Thu, Nov 14, 2013 at 1:13 PM, Tony Zhou <tonytzhou at gmail.com> wrote:
>> Hi Nikos,
>> pam_unix works for authentication. I suppose it could be an issue with the
>> PAM module of RADIUS... Here's the log when I am trying to connect from
>> Android client.
> Do you see any relevant PAM messages in the log of your system? I'd
> also suggest to edit pam.c and increase PAM_STACK_SIZE to 512*1024. It
> may be that pam_radius uses more stack size than the other pam modules
> (although I don't think you're in that case).
> If nothing of the above helps and you're interested in debugging the
> issue, I'll send you a pam.c with more debugging information enable to
> see what's going wrong.
> regards,
> Nikos

More information about the openconnect-devel mailing list