Forum OpenACS Q&A: Re: Error using PAM-Authentication

Posted by Lars Pind on

Which operating system?

Try adding " debug" at the end of your auth and account lines like so:

auth sufficient /lib/security/ debug
account sufficient /lib/security/ debug

This should cause PAM to output debugging information in /var/adm/messages (probably OS dependent though, so it could be somewhere else, like /var/log/messages).

If this doesn't work, Mat Kovach also produced a version of nspam which outputs debug info, but a) that didn't help, and b) I can't find it now.

Two common pit-falls I want to mention, even though they don't apply in your case:

1) If you're using standard unix password authentication, your /etc/shadow must be readable by AOLserver. The best way is to change its group to the same group that AOLserver runs as, and make it readable to that group, not to world.

2) On Solaris 7 at least, there must be *both* an 'auth' and an 'account' line in your /etc/pam.conf file.