pam debugging "check pass; user unknown"

Posted by lvc on Super User See other posts from Super User or by lvc
Published on 2013-10-30T03:22:20Z Indexed on 2013/10/30 3:59 UTC
Read the original article Hit count: 496

Filed under:

I am attempting to get Prosody authenticating with its auth_pam module. It is configured to use the pam service name xmpp. The pam.d/xmpp file is copied straight from the one configured for dovecot (originally taken from, I think, dovecot's documentation), which is known to be working:

# cat /etc/pam.d/xmpp 
auth    required    pam_unix.so nullok debug
account required    pam_unix.so debug

Logging in with dovecot works wonderfully. Logging in with prosody, with exactly the same username and password, causes Prosody to return 'Not authorized', and the following in journalctl -f:

Oct 29 22:12:14 riscque.net prosody[9396]: c2s1d010b0: Client sent opening <stream:stream> to riscque.net
Oct 29 22:12:14 riscque.net prosody[9396]: c2s1d010b0: Sent reply <stream:stream> to client
Oct 29 22:12:14 riscque.net prosody[9396]: [178B blob data]
Oct 29 22:12:14 riscque.net unix_chkpwd[9408]: check pass; user unknown
Oct 29 22:12:14 riscque.net prosody[9396]: pam_unix(xmpp:auth): conversation failed
Oct 29 22:12:14 riscque.net prosody[9396]: pam_unix(xmpp:auth): unable to obtain a password
Oct 29 22:12:14 riscque.net prosody[9396]: pam_unix(xmpp:auth): auth could not identify password for [lvc]
Oct 29 22:12:14 riscque.net prosody[9396]: riscque.net:saslauth: sasl reply: <failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><not-authorized/><text>Unable to authorize you with the authentication credentials you&apos;ve sent.</text></failure>

This series of errors seems mutually contradictory - first it says "user unknown", but then that it can't obtain the password for lvc - this username certainly exists on the system. What is likely going on here, and how would I debug this further?

© Super User or respective owner

Related posts about pam