[Hampshire] LDAP, Debian, PAM?

Author: Hugo Mills
Date:  
To: Hants LUG
Subject: [Hampshire] LDAP, Debian, PAM?

gpg: Signature made Wed Oct 29 14:15:51 2008 GMT
gpg: using DSA key 20ACB3BE515C238D
Can anyone point me at a good guide on debugging problems with LDAP
and PAM? (*Not* one of the thousands of HOWTOs out there that tell you
what to write where and then say "and it all should work").

I'm trying to set up a small cluster of machines and to use LDAP as
the authentication database for logins. I've got to the point where I
can search for users in the getent database ("id test" and "getent
passwd test" return the right things for my test user). However, I
can't use (for example) "su test", or ssh to the test user on the
machine. If I try, I get this in auth.log:

Oct 29 12:31:15 hactar su[3325]: (pam_unix) check pass; user unknown
Oct 29 12:31:15 hactar su[3325]: (pam_unix) authentication failure; logname= uid=1000 euid=0 tty=pts/1 ruser=hrm rhost=
Oct 29 12:31:18 hactar su[3325]: pam_authenticate: Authentication service cannot retrieve authentication info.
Oct 29 12:31:18 hactar su[3325]: FAILED su for test by hrm
Oct 29 12:31:18 hactar su[3325]: - pts/1 hrm:test

pam_ldap is definitely doing something, even if it's not logging
anything, as I get a load of debugging output from the slapd server
when I try this, but I can't identify the useful information from
it. Hence my request for advice on debugging.

Hugo.

-- 
=== Hugo Mills: hugo@... carfax.org.uk | darksatanic.net | lug.org.uk ===
  PGP key: 515C238D from wwwkeys.eu.pgp.net or http://www.carfax.org.uk
   --- The English language has the mot juste for every occasion. ---