I am having problems with PAM/MySQL authentication.
I have no problems logging in to the svn server thought ssh and
authentication via the PAM server works. However when I use PAM to
authenticate through SVN I am getting DB errors in the logs. Looking
at the MySQL query logs I can see that the (Password) query that is
being issued to MySQL is incomplete. As far as I know all Apache and
Pam config files are correct. I decided to compare the mysql query
logs on the currently working server and the new not working server .
This comparison is in the end of the e-mail and this how I came to the
conclusion that the query is incomplete.
Auth log on SVN server (svntest):
Oct 29 03:46:08 svntest nss-mysql[9707]: _nss_mysql_getspnam_r conf
file parsing failed
Oct 29 03:46:08 svntest nss-mysql[9707]: (pam_unix) authentication
failure; logname= uid=33 euid=33 tty= ruser= rhost=192.168. 6.43
user=ppragin
Oct 29 03:46:08 svntest nss-mysql[9707]: pam_mysql - MySQL error(You
have an error in your SQL syntax; check the manual that c
orresponds to your MySQL server version for the right syntax to use
near 'FROM WHERE user.user_name = 'ppragin'' at line 1)
Apache log on SVN server(svntest):
[Mon Oct 29 03:17:49 2007] [error] [client 192.168.] (9)Bad file
descriptor: Could not open password file: (null)
[Mon Oct 29 03:17:52 2007] [error] [client 192.168.] PAM: user
'ppragin' - not authenticated: Error in service module
Mysql query log from Pam server when running svn checkout from server
(svntest):
131 Connect address@hidden <mailto:address@hidden> on nss_mysql
131 Query select
user.user_name,user.uid,NULL,user.realname,user.shell,user.homedir,user.gid
from user where
user.user_name='ppragin' and user.uid is not null and user.status =
'A' order by user.uid
132 Connect address@hidden on nss_mysql
132 Init DB nss_mysql
132 Query SELECT FROM WHERE user.user_name = 'ppragin'
132 Quit
Mysql query log from Pam server when running svn checkout from server
(newsvn):
753 Connect address@hidden on nss_mysql
753 Query select
user.user_name,user.uid,NULL,user.realname,user.shell,user.homedir,user.gid
from user where user.user_name='ppragin'
and user.uid is not null and user.status = 'A' order by user.uid
753 Query select
user.user_name,user.uid,NULL,user.realname,user.shell,user.homedir,user.gid
from user where user.user_name='ppragin'
and user.uid is not null and user.status = 'A' order by user.uid
754 Connect address@hidden
<mailto:address@hidden> on nss_mysql
754 Init DB nss_mysql
754 Query SELECT user.Password FROM user WHERE user.user_name='ppragin'
754 Quit
The difference:
(svntest server) 132 Query SELECT FROM WHERE user.user_name = 'ppragin'
(newsvn server) 754 Query SELECT user.Password FROM user WHERE
user.user_name='ppragin'
I can understand why “user.Password” is missing. This is how the
password is acquired from table “user” field “Password”.
This is why authentication is failing. One thing I don’t understand is
where the information provided for this query comes from.
I don’t see any mention of “user.Password” in any of the config files.
Maybe I am missing a step? Any ideas?
Pavel
.
*PAVEL PRAGIN*
address@hidden <mailto:address@hidden>
*T >* 650.328.3900
*M >* 650.521.4377
*F >* 650.328.3901
*SolutionSet*
The Brand Technology Company
http://www.SolutionSet.com <http://www.solutionset.com/>
*PA >* 131 Lytton Ave., Palo Alto, CA 94301
*SF >* 85 Second St., San Francisco, CA 94105
------------------------------------------------------------------------
_______________________________________________
Nss-mysql-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/nss-mysql-users