What configuration file does ocserv read for PAM settings?
Tony Zhou
tonytzhou at gmail.com
Thu Nov 14 07:36:42 EST 2013
Hi Nikos,
I edited the /etc/pam.d/ocserv to add the debug option:
auth required /lib/security/pam_radius_auth.so debug
and what I got in log is just one line more, after auth init:
Nov 14 21:31:21 hostname ocserv[12784]: [client.ip.addr]:44236 auth init
for user 'tony' from '[client.ip.addr]:44236'
Nov 14 21:31:21 hostname ocserv[12784]: pam_radius_auth: Got user name tony
so I think there's might be something wrong with my configuration of
pam_radius to radius itself. Trying to mess with
/etc/pam_radius_auth.conf...
Thanks,
TZ
On 11/14/2013 7:33 AM, Nikos Mavrogiannopoulos wrote:
> On Thu, Nov 14, 2013 at 1:13 PM, Tony Zhou <tonytzhou at gmail.com> wrote:
>> Hi Nikos,
>> pam_unix works for authentication. I suppose it could be an issue with the
>> PAM module of RADIUS... Here's the log when I am trying to connect from
>> Android client.
>
> Do you see any relevant PAM messages in the log of your system? I'd
> also suggest to edit pam.c and increase PAM_STACK_SIZE to 512*1024. It
> may be that pam_radius uses more stack size than the other pam modules
> (although I don't think you're in that case).
>
> If nothing of the above helps and you're interested in debugging the
> issue, I'll send you a pam.c with more debugging information enable to
> see what's going wrong.
>
> regards,
> Nikos
>
More information about the openconnect-devel
mailing list