How to get around PAM_AUTHTOK_RECOVERY_ERR?
Hi,
Following is my environment :- I created a user account called ADMIN1 with a password in RHEL 5 I verified that it is created properly by logging out and logging in as ADMIN1. Now I have an application, wherein if I login as ADMIN1 and then the password which would allow me in the application. This authentication takes place against the native Linux database i.e. /etc/passwd. I have populated the file secspawn in /etc/pam.d/ with the following entries :- auth required /lib/security/pam_warn.so auth required /lib/security/pam_unix.so debug account required /lib/security/pam_warn.so account required /lib/security/pam_unix.so debug password required /lib/security/pam_warn.so password required /lib/security/pam_unix.so debug session required /lib/security/pam_warn.so session required /lib/security/pam_unix.so debug After that I run my application wherein the pam_conv structure has a callback which is customised to my application. Then for authentication we are using the same functions :- i.e. pam_start(), pam_authenticate(), pam_acct_mgmt() etc. Now I find that the pam_start returns successfully , I verified this by checking the pamh which is of type pam_handle_t using pam_get_item using PAM_USER as one of the types. It gives me the correct user i.e. ADMIN1. Similarly for PAM_SERVICE too i checked and it gave me the correct service i.e. secspawn. However when it goes to pam_authenticate function it returns PAM_AUTHTOK_RECOVERY_ERR which means Authentication information cannot be recovered. My question is what could be going wrong? How do I get around this error? What checks do I need to do in order to see where I am getting stuck? Please let me know Regards, Rajendra S. |
All times are GMT -5. The time now is 04:58 AM. |