Troubleshooting
Problem
This technote explains why IBM® Rational® ClearCase® Remote Client (CCRC) users may not be able to login when configuring PAM-based user authentication on a 64-bit Linux system.
Symptom
When configuring PAM-based user authentication on a 64-bit Linux system, ClearCase Remote Client (CCRC) users may not be able to log in via CCRC. These users are able to log on locally or using telnet or SSH. Users added directly to the Linux host operate correctly with the ClearCase Remote Client.
A PAM trace shows that CCWEB with PAM authentication is looking for the pam_krb5.so in the /lib/security as shown in the debug log below:
Jul 17 20:43:06 lxappcdt0001 syslogd 1.4.1: restart.
Jul 17 20:43:29 lxappcdt0001 ccweb: pam_unix2: pam_sm_authenticate() called
Jul 17 20:43:29 lxappcdt0001 ccweb: pam_unix2: username=[d322702]
Jul 17 20:43:29 lxappcdt0001 ccweb: pam_unix2: dlopen("/lib/security/pam_krb5.so") failed: /lib/security/pam_krb5.so: cannot open shared object file: No such file or directory
Jul 17 20:43:29 lxappcdt0001 ccweb: pam_unix2: pw == NULL, return PAM_USER_UNKNOWN
Jul 17 20:43:29 lxappcdt0001 pam_tally[25904]: pam_tally: unknown option; debug
Jul 17 20:43:29 lxappcdt0001 pam_tally[25904]: pam_tally: pam_get_uid; no such user d322702
However, the 64-bit PAM libraries install to /lib64/security.
Log InLog in to view more of this document
Was this topic helpful?
Document Information
Modified date:
29 September 2018
UID
swg21295604