Article delegate-en/2604 of [1-4012] on the server localhost:7119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]

Newsgroups: mail-lists.delegate-en
[DeleGate-En] Problem with PAM authentication
27 Apr 2004 16:28:56 GMT Jehan-Guillaume de Rorthais <p4edabdyi-jmfhzl6kqqdw.ml@delegate.org> 
Hi,

I'm trying the PAM Authentication feature.

My configuration of delegate is the following (on port 7978 for test) :
__________________________CONF________________________
-P7978
env[16]
LIBPATH=.;/root/delegateTest;/delegate/lib;/usr/local/+delegate8.9.2/src;/delegate/etc
env[18] RESOLV=cache,file,dns,sys
arg[3] OWNER=delegate
arg[4] DGROOT=/delegate
arg[5] ADMIN=JehanGuillaume.deRorthais@omya..
arg[6] AUTH=admin:*:adminjrr@frpa01proxy
arg[7] AUTH=proxy:pauth
arg[8] AUTHORIZER=-pam/passwd
arg[9] SERVER=http
arg[10] RELIABLE=*@localhost
arg[11] PERMIT=*:*:*
arg[12] PROXY=172.25.72.2:80
arg[13] SHARE=
arg[14] PROTOLOG=:%C
~~~~~~~~~~~~~~~~~~~~~END OF CONF~~~~~~~~~~~~~~~~~~~~~~

But, I can't authenticate any user who exists in the /etc/passwd file :/ ..
I readed your doc and tested lots of conf, but I still don't success...

here my logfile (sorry, little bit long) : 

__________________________LOG________________________
04/27 18:03:55.98 [5871] 0+0: TMPFILE(new_shared) = (3)
/delegate/tmp/dg5871.1.1083081835
04/27 18:03:55.98 [5871] 0+0: >>>TMPFILE(new_shared)>>>819bdb0[3]
04/27 18:03:55.99 [5871] 0+0: [-] localhost
04/27 18:03:55.99 [5871] 0+0: [-] 127.0.0.1
04/27 18:03:55.99 [5871] 0+0: HOSTS[0]=localhost/127.0.0.1 (PREDEF)
04/27 18:03:55.99 [5871] 0+0: [-] .af-local
04/27 18:03:55.99 [5871] 0+0: [-] 127.0.0.127
04/27 18:03:55.99 [5871] 0+0: HOSTS[1]=.af-local/127.0.0.127 (PREDEF)
04/27 18:03:55.99 [5871] 0+0: scanned
HOSTS=localhost/127.0.0.1,.af-local/127.0.0.127
04/27 18:03:55.99 [5871] 0+0: *** GETHOSTBYNAME: frpa01proxy.fr.omya.com / 0.00
secs. has_alias:1
04/27 18:03:55.99 [5871] 0+0:
HOSTS[2]={frpa01proxy.fr.omya.com,frpa01proxy}/172.25.72.12
04/27 18:03:55.99 [5871] 0+0: configuring default RESOLV ...
04/27 18:03:55.99 [5871] 0+0: ... SYS: frpa01proxy -> 172.25.72.12
04/27 18:03:55.99 [5871] 0+0: ... NIS not available (no default domain)
04/27 18:03:55.99 [5871] 0+0: ... export RES_ORDER=CFDS
04/27 18:03:55.99 [5871] 0+0: export RESOLV=cache,file,dns,sys (set by default)
04/27 18:03:55.99 [5871] 0+0: setsockbuf[8] in:0->0 out:65535->131072
04/27 18:03:55.99 [5871] 0+0: --INITIALIZATION START: 8.9.2 on Linux/2.4.18--
04/27 18:03:55.99 [5871] 0+0: BINSHELL=/bin/sh
04/27 18:03:55.99 [5871] 0+0: SPECIALIST: http
04/27 18:03:55.99 [5871] 0+0: frex_append(**) = 819BAC0
04/27 18:03:55.99 [5872] 0+0: -- Fork(daemon): 5871 -> 5872
04/27 18:03:55.99 [5872] 0+0: server_open(delegate,:7978,listen=20)
04/27 18:03:55.99 [5872] 0+0: listen(9,20) OK.
04/27 18:03:55.99 [5872] 0+0: server_open(delegate,:7978) BOUND
04/27 18:03:55.99 [5872] 0+0: DGROOT=/delegate^M
04/27 18:03:55.99 [5872] 0+0: <DeleGate/8.9.2> [5872] -P7978 READY^M
04/27 18:03:55.99 [5872] 0+0: PORT= 7978/9 (31,42)
04/27 18:03:55.99 [5872] 0+0: OWNER=delegate =>
OWNER=delegate/delegate(delegate/delegate)
04/27 18:03:55.99 [5872] 0+0: SPECIALIST: http
04/27 18:03:55.99 [5872] 0+0: ##DeleGate/6.X: MIMECONV=thru is set by default.
MIMECONV="" will make it compatible with former
 versions.
04/27 18:03:55.99 [5872] 0+0: dirfopen(/delegate/log/errors.log,a): 819faa8 [10]
04/27 18:03:55.99 [5872] 0+0: dirfopen(/delegate/log/abort/7978,a): 819fc18 [11]
04/27 18:03:55.99 [5872] 0+0: dirfopen(/delegate/log/7978.http,a): 819fd88 [12]
04/27 18:03:55.99 [5872] 0+0:
dirfopen(/delegate/act/locks/FILE//delegate/log/7978.http,w+): 819ff18 [13]
04/27 18:03:55.99 [5872] 0+0: #### newRoute[ROUTE] 0/16
04/27 18:03:55.99 [5872] 0+0: [0] ROUTE=http://172.25.72.2:80/-_-{*}:{*}
04/27 18:03:55.99 [5872] 0+0: #### newRoute[NOTIFYPLTFM] 0/16
04/27 18:03:55.99 [5872] 0+0: [0] NOTIFYPLTFM=://:0-_-{}:{}
04/27 18:03:55.99 [5872] 0+0: #### newRoute[CMAP] 0/16
04/27 18:03:55.99 [5872] 0+0: [0] CMAP={-pam/passwd}AuthServer{*}:{*}:{*}
04/27 18:03:55.99 [5872] 0+0: #### newRoute[REMITTABLE] 0/16
04/27 18:03:55.99 [5872] 0+0: [0]
REMITTABLE={}{http,https/{80,443},gopher,ftp,wais}:{*}:{*}
04/27 18:03:55.99 [5872] 0+0: REMITTABLE = http,https/{80,443},gopher,ftp,wais
04/27 18:03:55.99 [5872] 0+0: #### newRoute[PERMIT] 0/16
04/27 18:03:55.99 [5872] 0+0: [0] PERMIT={}{http,https,gopher,ftp,wais}:{*}:{*}
04/27 18:03:55.99 [5872] 0+0: #### newRoute[RELIABLE] 0/16
04/27 18:03:55.99 [5872] 0+0: [0] RELIABLE=://:0-_-{}:{}
04/27 18:03:55.99 [5872] 0+0: -- ident: ENABLE{localhost}
04/27 18:03:55.99 [5872] 0+0: #### newRoute[USERIDENT] 0/16
04/27 18:03:55.99 [5872] 0+0: [0] USERIDENT=://:0-_-{}:{}
04/27 18:03:55.99 [5872] 0+0: #### newRoute[CMAP] 1/16
04/27 18:03:55.99 [5872] 0+0: [1]
CMAP={delegate,vhost,nojava}relay{*}:{*}:{.localnet}
04/27 18:03:55.99 [5872] 0+0: #### newRoute[CMAP] 2/16
04/27 18:03:55.99 [5872] 0+0: [2] CMAP={proxy}relay{*}:{*}:{*}
04/27 18:03:55.99 [5872] 0+0: ### [0] gzip 0
04/27 18:03:55.99 [5872] 0+0: ### [1] /root/delegateTest/gzip 0
04/27 18:03:55.99 [5872] 0+0: ### [2] /delegate/lib/gzip 0
04/27 18:03:55.99 [5872] 0+0: ### [3] /usr/local/+delegate8.9.2/src/gzip 0
04/27 18:03:55.99 [5872] 0+0: ### [4] /delegate/etc/gzip 0
04/27 18:03:55.99 [5872] 0+0: ### [0] /sbin/gzip 0
04/27 18:03:55.99 [5872] 0+0: ### [1] /bin/gzip 81a8a98
04/27 18:03:55.99 [5872] 0+0: PATH: gzip -> /bin/gzip
04/27 18:03:55.99 [5872] 0+0: #### gzip = [/bin/gzip]gzip
04/27 18:03:55.99 [5872] 0+0: #### gunzip = [/bin/gzip]gzip -d
04/27 18:03:55.99 [5872] 0+0: ADMIN=JehanGuillaume.deRorthais@omya..
protocol=http(specialist)
04/27 18:03:55.99 [5872] 0+0: frex_append(**) = 819BAC0
04/27 18:03:55.99 [5872] 0+0: WORKDIR=/delegate/work/7978
04/27 18:03:55.99 [5872] 0+0: dirfopen(5872,w): 81a8b70 [13]
04/27 18:03:55.99 [5872] 0+0: IGNORE DUPLICATE MOUNT[0] /-* = default
04/27 18:03:55.99 [5872] 0+0: IGNORE DUPLICATE MOUNT[1] /=* = default
04/27 18:03:55.99 [5872] 0+0: MOUNT[0]X[2] /-/builtin/icons/* = default
04/27 18:03:55.99 [5872] 0+0: MOUNT[1]X[3] /-/* = forbidden,from=!.RELIABLE,default
04/27 18:03:55.99 [5872] 0+0: MOUNT[2]X[0] /-* = default
04/27 18:03:55.99 [5872] 0+0: MOUNT[3]X[1] /=* = default
04/27 18:03:56.00 [5872] 0+0: ##DeleGate/6.X: No default private-MASTER.
MASTERP="" will make it compatible with former versio
ns.
04/27 18:03:56.00 [5872] 0+0: frex_append(**) = 819BAC0
04/27 18:03:56.00 [5872] 0+0: #### stack size limit = 800000 (000000X)
04/27 18:03:56.00 [5872] 0+0: dirfopen(/delegate/act/pid/7978,w+): 81a8e60 [13]
04/27 18:03:56.00 [5872] 0+0: Stay open PIDFILE for accept() lock[fd=13]
04/27 18:03:56.00 [5872] 0+0: env[16]
LIBPATH=.;/root/delegateTest;/delegate/lib;/usr/local/+delegate8.9.2/src;/delegate/etc
04/27 18:03:56.00 [5872] 0+0: env[18] RESOLV=cache,file,dns,sys
04/27 18:03:56.00 [5872] 0+0: arg[3] OWNER=delegate
04/27 18:03:56.00 [5872] 0+0: arg[4] DGROOT=/delegate
04/27 18:03:56.00 [5872] 0+0: arg[5] ADMIN=JehanGuillaume.deRorthais@omya.com
04/27 18:03:56.00 [5872] 0+0: arg[6] AUTH=admin:*:adminjrr@frpa01proxy
04/27 18:03:56.00 [5872] 0+0: arg[7] AUTH=proxy:pauth
04/27 18:03:56.00 [5872] 0+0: arg[8] AUTHORIZER=-pam/passwd
04/27 18:03:56.00 [5872] 0+0: arg[9] SERVER=http
04/27 18:03:56.00 [5872] 0+0: arg[10] RELIABLE=*@localhost
04/27 18:03:56.00 [5872] 0+0: arg[11] PERMIT=*:*:*
04/27 18:03:56.00 [5872] 0+0: arg[12] PROXY=172.25.72.2:80
04/27 18:03:56.00 [5872] 0+0: arg[13] SHARE=
04/27 18:03:56.00 [5872] 0+0: arg[14] PROTOLOG=:%C
04/27 18:03:56.00 [5872] 0+0: TMPFILE(setLastModified) = (17)
/delegate/tmp/dg5872.2.1083081836
04/27 18:03:56.00 [5872] 0+0: >>>TMPFILE(setLastModified)>>>81a9010[17]
04/27 18:03:56.00 [5872] 0+0: dirfopen(/delegate/etc/params/7978,r): 81a9180 [18]
04/27 18:03:56.00 [5872] 0+0: DELEGATE_Modified[0]: 408e83b0
04/27 18:03:56.00 [5872] 0+0: Accept-LOCK: 0
04/27 18:03:56.00 [5872] 0+0: --INITIALIZATION DONE: 8.9.2 on Linux/2.4.18--
04/27 18:03:56.00 [5872] 0+0: dirfopen(/delegate/log/stdout.log,a): 81a9010 [19]
04/27 18:03:56.00 [5872] 0+0: Redirect {stdout,stderr} to LOGDIR/stdout.log
04/27 18:04:01.02 [5872] 0+0: ## accept([9]:7978)=20
04/27 18:04:01.02 [5877] 1+0: -- Fork(SequentialServer): 5872 -> 5877
04/27 18:04:01.02 [5877] 1+1: -- SockHost: [172.25.72.12]
frpa01proxy.fr.omya.com:7978
04/27 18:04:01.03 [5877] 1+1: HOSTS[3]=/172.25.73.0
04/27 18:04:01.03 [5877] 1+1: SPECIALIST: http
04/27 18:04:01.03 [5877] 1+1: frex_append(**) = 819BAC0
04/27 18:04:01.03 [5877] 1+1: *** gethostbyname(172.25.73.0) -> byaddr(4,2)
04/27 18:04:01.03 [5877] 1+1:
dirfopen(/delegate/act/clients/12/172.25.73.0:172.25.73.0,r+): 0 [-1]
04/27 18:04:01.03 [5877] 1+1:
dirfopen(/delegate/act/clients/12/172.25.73.0:172.25.73.0,w+): 81b98c0 [15]
04/27 18:04:01.03 [5877] 1+1: (0) accepted [48] -@[172.25.73.0]172.25.73.0:3313
(0.004s)(1)
04/27 18:04:01.03 [5877] 1+1: dirfopen(/delegate/adm/shutout/172.25.73.0,r): 0 [-1]
04/27 18:04:01.03 [5877] 1+1: KeepAlive[48] = 1
04/27 18:04:01.03 [5877] 1+1: execGeneralist->execSpecialist
04/27 18:04:01.03 [5877] 1+1: PATH:
http://-:80!frpa01proxy.fr.omya.com:7978!172.25.73.0:3313!anonymous@172.25.73.0;1083081841
04/27 18:04:01.03 [5877] 1+1: Accept-Language: fr
04/27 18:04:01.03 [5877] 1+1: HTTP Relay_request_head (238 bytes/7 lines)
04/27 18:04:01.03 [5877] 1+1: Proxy: host=172.25.73.0; User-Agent: Mozilla/4.0
(compatible; MSIE 6.0; Windows NT 5.1); DIRECT
04/27 18:04:01.03 [5877] 1+1: HCKA:[0] Keep-Alive; host=172.25.73.0;
(User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows N
T 5.1))
04/27 18:04:01.03 [5877] 1+1: HTTP Relay_request done (238 bytes/7 lines)
04/27 18:04:01.03 [5877] 1+1: gethostbyname(-) unknown[0.00s]
04/27 18:04:01.03 [5877] 1+1: HOSTS[4]=-/
04/27 18:04:01.03 [5877] 1+1: *** gethostbyname(172.25.73.0) -> byaddr(4,2)
04/27 18:04:01.03 [5877] 1+1: TMPFILE(NULLFP) = (15)
/delegate/tmp/dg5877.3.1083081841
04/27 18:04:01.03 [5877] 1+1: >>>TMPFILE(NULLFP)>>>81c0f30[15]
04/27 18:04:01.03 [5877] 1+1: *** gethostbyname(172.25.73.0) -> byaddr(4,2)
04/27 18:04:01.03 [5877] 1+1: *** gethostbyname(172.25.73.0) -> byaddr(4,2)
04/27 18:04:01.03 [5877] 1+1: *** gethostbyname(172.25.73.0) -> byaddr(4,2)
04/27 18:04:01.03 [5877] 1+1: HCKA:[0] a:proxy authentication required
04/27 18:04:01.03 [5877] 1+1: TMPFILE(NotAuthorized) = (20)
/delegate/tmp/dg5877.4.1083081841
04/27 18:04:01.03 [5877] 1+1: >>>TMPFILE(NotAuthorized)>>>81c1210[20]
04/27 18:04:01.03 [5877] 1+1: *** gethostbyname(172.25.73.0) -> byaddr(4,2)
04/27 18:04:01.03 [5877] 1+1: [2] MOUNT ASIS: /-
04/27 18:04:01.03 [5877] 1+1: ####[builtin] /-/builtin/mssgs/407-unauthproxy.dhtml
04/27 18:04:01.03 [5877] 1+1: ImMaster? 0 <http://-:80> <://:0/>
04/27 18:04:01.03 [5877] 1+1: REALM: proxy
04/27 18:04:01.03 [5877] 1+1: *** gethostbyname(172.25.73.0) -> byaddr(4,2)
04/27 18:04:01.03 [5877] 1+1/1: HCKA:[1] closed -- a:proxy authentication required
04/27 18:04:01.03 [5877] 1+1/1: LINGER: [48] 30 8{1,30}
04/27 18:04:01.03 [5877] 1+1/1:
dirfopen(/delegate/act/clients/12/172.25.73.0:172.25.73.0,r+): 81c1210 [20]
04/27 18:04:01.03 [5877] 1+1/1: disconnected [48]
-@[172.25.73.0]172.25.73.0:3313 (0.007s)(0)
04/27 18:04:01.03 [5877] 1+1: dirfopen(/delegate/act/pid/7978,r+): 81a8e60 [13]
04/27 18:04:01.03 [5877] 1+1: StickyServer: start accept()
04/27 18:04:05.61 [5877] 1+1: ## accept([9]:7978)=20
04/27 18:04:05.61 [5877] 1+1: ## AcceptBySticky: SEND ACCEPT REPORT
04/27 18:04:05.61 [5877] 1+2: -- SockHost: [172.25.72.12]
frpa01proxy.fr.omya.com:7978
04/27 18:04:05.61 [5877] 1+2: *** gethostbyname(172.25.73.0) -> byaddr(4,2)
04/27 18:04:05.61 [5877] 1+2:
dirfopen(/delegate/act/clients/12/172.25.73.0:172.25.73.0,r+): 81ba4d8 [20]
04/27 18:04:05.61 [5877] 1+2: (0) accepted [45] -@[172.25.73.0]172.25.73.0:3314
(0.000s)(1)
04/27 18:04:05.61 [5877] 1+2: dirfopen(/delegate/adm/shutout/172.25.73.0,r): 0 [-1]
04/27 18:04:05.61 [5877] 1+2: KeepAlive[45] = 1
04/27 18:04:05.61 [5877] 1+2: execGeneralist->execSpecialist
04/27 18:04:05.61 [5877] 1+2: PATH:
http://-:80!frpa01proxy.fr.omya.com:7978!172.25.73.0:3314!anonymous@172.25.73.0;1083081845
04/27 18:04:05.61 [5872] 1+0: AcceptByMain: got Sticky REPORT 1/1
04/27 18:04:05.61 [5872] 1+0: ## getStickyReport: GOT ACCEPT REPORT #1 (+1)
04/27 18:04:05.61 [5877] 1+2: Accept-Language: fr
04/27 18:04:05.61 [5877] 1+2: HTTP Relay_request_head (291 bytes/8 lines)
04/27 18:04:05.61 [5877] 1+2: Proxy: host=172.25.73.0; User-Agent: Mozilla/4.0
(compatible; MSIE 6.0; Windows NT 5.1); DIRECT
04/27 18:04:05.61 [5877] 1+2: HCKA:[0] Keep-Alive; host=172.25.73.0;
(User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows N
T 5.1))
04/27 18:04:05.61 [5877] 1+2: HTTP Relay_request done (291 bytes/8 lines)
04/27 18:04:05.61 [5877] 1+2: *** gethostbyname(172.25.73.0) -> byaddr(4,2)
04/27 18:04:05.61 [5877] 1+2: *** gethostbyname(172.25.73.0) -> byaddr(4,2)
04/27 18:04:05.61 [5877] 1+2: *** gethostbyname(172.25.73.0) -> byaddr(4,2)
04/27 18:04:05.61 [5877] 1+2: *** gethostbyname(172.25.73.0) -> byaddr(4,2)
04/27 18:04:05.61 [5877] 1+2: AUTH_CACHE 0 pam://adminjrr@-..:0
04/27 18:04:05.61 [5877] 1+2: expfopen:
/delegate/adm/authorizer/passwd.-.pam/cab9e55ee64b3426c87b5368a20d1fab-cache
04/27 18:04:05.61 [5877] 1+2: [0.00,-1][AUTH cache-NONE]
/delegate/adm/authorizer/passwd.-.pam/cab9e55ee64b3426c87b5368a20d1fa
b-cache
04/27 18:04:05.61 [5877] 1+2: ### [0] dgpam 0
04/27 18:04:05.61 [5877] 1+2: ### [1] /delegate/subin/dgpam 0
04/27 18:04:05.61 [5877] 1+2: ### [2] /root/delegateTest/dgpam 0
04/27 18:04:05.61 [5877] 1+2: ### [3] /usr/local/+delegate8.9.2/src/dgpam 81c37c8
04/27 18:04:05.61 [5877] 1+2: ## dgpam = /usr/local/+delegate8.9.2/src/dgpam
04/27 18:04:05.61 [5877] 1+2:
dirfopen(/delegate/act/clients/12/172.25.73.0:172.25.73.0,r+): 81c37c8 [20]
04/27 18:04:05.62 [5877] 1+2: ## dgpam -a passwd adminjrr = HTTP/1.0 403^M
04/27 18:04:05.62 [5877] 1+2: ## Auth/PAM = -1 <adminjrr:****@-passwd.-..pam>
04/27 18:04:05.62 [5877] 1+2: AUTHORIZER=-pam/passwd host=[-pam] user=[adminjrr]
-> NO
04/27 18:04:05.62 [5877] 1+2: HCKA:[0] a:proxy authentication required
04/27 18:04:05.62 [5877] 1+2: TMPFILE(NotAuthorized) = (20)
/delegate/tmp/dg5877.5.1083081845
04/27 18:04:05.62 [5877] 1+2: >>>TMPFILE(NotAuthorized)>>>81c37c8[20]
04/27 18:04:05.62 [5877] 1+2: ####[reuse] /-/builtin/mssgs/407-unauthproxy.dhtml
04/27 18:04:05.62 [5877] 1+2: ImMaster? 0 <http://-:80> <://:0/>
04/27 18:04:05.62 [5877] 1+2: REALM: proxy
04/27 18:04:05.62 [5877] 1+2: *** gethostbyname(172.25.73.0) -> byaddr(4,2)
04/27 18:04:05.62 [5877] 1+2/1: HCKA:[1] closed -- a:proxy authentication required
04/27 18:04:05.62 [5877] 1+2/1: LINGER: [45] 30 8{1,30}
04/27 18:04:05.62 [5877] 1+2/1:
dirfopen(/delegate/act/clients/12/172.25.73.0:172.25.73.0,r+): 81c1210 [20]
04/27 18:04:05.62 [5877] 1+2/1: disconnected [45]
-@[172.25.73.0]172.25.73.0:3314 (0.008s)(0)
04/27 18:04:05.62 [5877] 1+2: StickyServer: start accept()
04/27 18:04:16.05 [5872] 1+0: AcceptByMain: TIMEOUT(children=1, timeout=15)
04/27 18:04:35.65 [5877] 1+2: StickyServer done [acceptFailed] 2 req / 2 conn /
34 sec
04/27 18:04:35.65 [5872] 1+0: AcceptByMain: got Sticky REPORT 1/1
04/27 18:04:35.69 [5872] 1+0: (0) process [5877] dead
~~~~~~~~~~~~~~~~~~~~~END OF LOG~~~~~~~~~~~~~~~~~~~~~~

As you see, I received and 403 error code...

My PAM version is the 0.56 on a Debian Woody up-to-date...

Could you please tell me what I forgoted/misanderstand or what's wrong in my conf ? 

Thanks a lot...

Cheers,


-- 
JGuillaume de Rorthais
GPG/PGP ID : 0x2A47BED0
  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V