Author |
Message |
fkhalid
Joined: 16 Feb 2016 Posts: 16 Country: United States |
|
Unable to install/configure PAM authentication on Linux |
|
Hi,
We are trying to establish a server/client setup for 24x7 scheduler and trying to access the agent; however, it's giving the following errors.
"Connection to remote host "mynewhost" failed"
Looking at the documentation, we tried the following:
1. Download the Perl Authen::PAM module (Authen-PAM-0.12.tar.gz)
It is available at http://www.perl.com/CPAN/authors/id/N/NI/NIKIP/
2. cd /tmp
tar -zxvf Authen-PAM-0.15.tar.gz
cd Authen-PAM-0.15
perl Makefile.PL
make
make install
However, this is failing with the following errors:
[root@nyaddbatest01 Authen-PAM-0.16]# perl Makefile.PL
Checking if your kit is complete...
Looks good
checking for gcc... gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ANSI C... none needed
checking how to run the C preprocessor... gcc -E
checking for pam header files in... no
configure: error: cannot find the pam_appl.h file
Error in configuring the Authen::PAM module.
If we comment out everything from auth.pl and keep the following line, it successfully connects to the agent host.
print "OK";
So the problem appears to be PAM authentication setup related.
We have copied the files to the pam.d directory too, but it's not working for us.
---------------------------
- Add 'jscheduler' service configuration to system PAM files directory or
configuration file.
Here is an example for RedHat Linux:
cp <path>/pam/jscheduler /etc/pam.d/
----------------------------------
When I run auth.pl, I get the following error.
/u01/app/247scheduler/auth.pl oracle asdasdas
Module is unknown
This is the exact error in debug.log file too.
----------------------------------------
2016-03-14 15:17:52,258 [RMI TCP Connection(4)-10.31.40.57] DEBUG com.softtreetech.jscheduler.business.agent.remote.RemoteAgentImpl - Authenticating user oracle
2016-03-14 15:17:52,261 [RMI TCP Connection(4)-10.31.40.57] DEBUG com.softtreetech.jscheduler.business.runner.security.SecurityService - authNativeUser: /u01/app/247scheduler/auth.pl
2016-03-14 15:17:52,400 [RMI TCP Connection(4)-10.31.40.57] DEBUG com.softtreetech.jscheduler.business.runner.security.SecurityService - Module is unknown
-----------------------------------------
Any help in this regard is highly appreciated as we have a working demo planned for Wednesday.
|
|
Mon Mar 14, 2016 3:20 pm |
|
 |
SysOp
Site Admin
Joined: 26 Nov 2006 Posts: 7948
|
|
|
Mon Mar 14, 2016 5:04 pm |
|
 |
fkhalid
Joined: 16 Feb 2016 Posts: 16 Country: United States |
|
|
|
Hi,
We have Red Hat Linux. Does this apply to our version too instead of CentOS?
uname -a
Linux nyadtest01 2.6.32-573.18.1.el6.x86_64 #1 SMP Wed Jan 6 11:20:49 EST 2016 x86_64 x86_64 x86_64 GNU/Linux
|
|
Tue Mar 15, 2016 10:24 am |
|
 |
SysOp
Site Admin
Joined: 26 Nov 2006 Posts: 7948
|
|
|
|
Yes, I believe it does
|
|
Tue Mar 15, 2016 10:29 am |
|
 |
fkhalid
Joined: 16 Feb 2016 Posts: 16 Country: United States |
|
|
|
Thanks.
I was able to run the steps; however, I am still getting the following errors in the DEBUG.log file.
2016-03-15 10:43:46,205 [RMI TCP Connection(2)-10.31.40.57] DEBUG com.softtreetech.jscheduler.business.agent.remote.RemoteAgentImpl - Authenticating user oracle
2016-03-15 10:43:46,207 [RMI TCP Connection(2)-10.31.40.57] DEBUG com.softtreetech.jscheduler.business.runner.security.SecurityService - authNativeUser: /u01/app/scheduler247/auth.pl
2016-03-15 10:43:46,274 [RMI TCP Connection(2)-10.31.40.57] DEBUG com.softtreetech.jscheduler.business.runner.security.SecurityService - Module is unknown
FYI the make log.
----------------------------------------------------
[root@Authen-PAM-0.16]# perl Makefile.PL
Checking if your kit is complete...
Looks good
checking for gcc... gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ANSI C... none needed
checking how to run the C preprocessor... gcc -E
checking for pam header files in... security
checking for pam_getenv... yes
checking if pam_strerror takes a pam_handle_t argument... yes
checking for PAM_AUTHTOKEN_REQD... no
checking for PAM_NEW_AUTHTOK_REQD... yes
checking for PAM_AUTHTOK_EXPIRED... yes
checking for PAM_AUTHTOK_RECOVER... no
checking for PAM_AUTHTOK_RECOVERY... no
checking for PAM_BAD_ITEM... yes
checking for PAM_CONV_AGAIN... yes
checking for PAM_CRED_DELETE... no
checking for PAM_CRED_ESTABLISH... no
checking for PAM_CRED_REFRESH... no
checking for PAM_CRED_REINITIALIZE... no
checking for PAM_DELETE_CRED... yes
checking for PAM_ESTABLISH_CRED... yes
checking for PAM_REFRESH_CRED... yes
checking for PAM_REINITIALIZE_CRED... yes
checking for PAM_INCOMPLETE... yes
checking for PAM_MODULE_UNKNOWN... yes
checking for PAM_RADIO_TYPE... yes
checking for PAM_BINARY_PROMPT... yes
checking whether RTLD_GLOBAL is declared... yes
configure: creating ./config.status
config.status: creating pam.cfg
config.status: creating PAM.pm
config.status: creating PAM_config.h
Writing Makefile for Authen::PAM
[root@ Authen-PAM-0.16]# make
cp PAM/FAQ.pod blib/lib/Authen/PAM/FAQ.pod
cp PAM.pm blib/lib/Authen/PAM.pm
/usr/bin/perl /usr/share/perl5/ExtUtils/xsubpp -typemap /usr/share/perl5/ExtUtils/typemap -typemap typemap PAM.xs > PAM.xsc && mv PAM.xsc PAM.c
gcc -c -I. -D_REENTRANT -D_GNU_SOURCE -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -DVERSION=\"0.16\" -DXS_VERSION=\"0.16\" -fPIC "-I/usr/lib64/perl5/CORE" -DHAVE_CONFIG_H PAM.c
PAM.c: In function ‘XS_Authen__PAM_pam_end’:
PAM.xs:501: warning: unused variable ‘res’
PAM.c: In function ‘XS_Authen__PAM_pam_set_item’:
PAM.xs:519: warning: unused variable ‘res’
PAM.c: In function ‘XS_Authen__PAM_pam_get_item’:
PAM.xs:553: warning: unused variable ‘res’
PAM.c: At top level:
PAM.xs:91: warning: ‘not_here’ defined but not used
Running Mkbootstrap for Authen::PAM ()
chmod 644 PAM.bs
rm -f blib/arch/auto/Authen/PAM/PAM.so
gcc -shared -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic PAM.o -o blib/arch/auto/Authen/PAM/PAM.so \
-lpam \
chmod 755 blib/arch/auto/Authen/PAM/PAM.so
cp PAM.bs blib/arch/auto/Authen/PAM/PAM.bs
chmod 644 blib/arch/auto/Authen/PAM/PAM.bs
Manifying blib/man3/Authen::PAM::FAQ.3pm
Manifying blib/man3/Authen::PAM.3pm
[root@Authen-PAM-0.16]# make install
Files found in blib/arch: installing files in blib/lib into architecture dependent library tree
Installing /usr/local/lib64/perl5/auto/Authen/PAM/PAM.so
Installing /usr/local/lib64/perl5/auto/Authen/PAM/PAM.bs
Installing /usr/local/lib64/perl5/Authen/PAM.pm
Installing /usr/local/lib64/perl5/Authen/PAM/FAQ.pod
Installing /usr/local/share/man/man3/Authen::PAM::FAQ.3pm
Installing /usr/local/share/man/man3/Authen::PAM.3pm
Appending installation info to /usr/lib64/perl5/perllocal.pod
|
|
Tue Mar 15, 2016 10:45 am |
|
 |
SysOp
Site Admin
Joined: 26 Nov 2006 Posts: 7948
|
|
|
|
It looks like you have successfully installed PAM and Authen-PAM module.
To test that all dependencies are in place, please run ./auth.pl test test command. What kind of output do you get?
|
|
Tue Mar 15, 2016 11:21 am |
|
 |
fkhalid
Joined: 16 Feb 2016 Posts: 16 Country: United States |
|
|
|
Hi,
I have tried that too and it is giving the same error.
[oracle@:TESTDB] auth.pl oracle asdasdasd
Module is unknown
I noticed one thing with the configuration. There was a requirement to copy the jscheduler file to the /etc/pam.d/ directory.
We have copied that file; however, in the file there are libraries mentioned which do not exist at the OS level.
FYI, here is what I mean.
[oracle@jscheduler:TESTDB] cd /etc/pam.d/
[oracle@jscheduler:TESTDB] more jscheduler
#%PAM-1.0
auth required /lib/security/pam_pwdb.so shadow nullok
account required /lib/security/pam_pwdb.so
session required /lib/security/pam_pwdb.so
[oracle@:TESTDB] ls -ltr /lib/security/pam_pwdb.so
ls: cannot access /lib/security/pam_pwdb.so: No such file or directory
You can see that these files are not present on the host. Maybe this is the reason for the above errors.
|
|
Tue Mar 15, 2016 11:50 am |
|
 |
SysOp
Site Admin
Joined: 26 Nov 2006 Posts: 7948
|
|
|
|
I think you're correct. Do you have pam_unix.so?
|
|
Tue Mar 15, 2016 11:59 am |
|
 |
fkhalid
Joined: 16 Feb 2016 Posts: 16 Country: United States |
|
|
|
Yes we do have pam_unix.so.
I have updated the jscheduler file and added this new entry and it worked.
[root@pam.d]# cat jscheduler
#%PAM-1.0
auth required pam_unix.so shadow nullok
account required pam_unix.so
session required pam_unix.so
./auth.pl oracle **********
OK
FYI debug.log too.
-----------------------------------
2016-03-15 12:08:13,131 [main] DEBUG com.softtreetech.jscheduler.JSchedulerStarter - startup() : loading preferences
2016-03-15 12:08:13,132 [main] DEBUG com.softtreetech.jscheduler.JSchedulerStarter - startup() : Setting shutdown event hook
2016-03-15 12:08:13,137 [main] DEBUG com.softtreetech.jscheduler.JSchedulerStarter - startup() : loading job db
2016-03-15 12:08:13,137 [main] DEBUG com.softtreetech.jscheduler.JSchedulerStarter - startup() : ready to run jobs
2016-03-15 12:08:39,802 [RMI TCP Connection(2)-10.31.40.57] DEBUG com.softtreetech.jscheduler.business.agent.remote.RemoteAgentImpl - Authenticating user oracle
2016-03-15 12:08:39,805 [RMI TCP Connection(2)-10.31.40.57] DEBUG com.softtreetech.jscheduler.business.runner.security.SecurityService - authNativeUser: /u01/app/247scheduler/auth.pl
Thank you very much for the quick fix.
|
|
Tue Mar 15, 2016 12:09 pm |
|
 |
SysOp
Site Admin
Joined: 26 Nov 2006 Posts: 7948
|
|
|
|
Thank you for the status update. Please note this change is specific to your system type. Different PAM libraries are used by different *nix systems.
|
|
Tue Mar 15, 2016 12:28 pm |
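Added example, not part of the original thread and not the vendor's code: a small shell lint for a PAM service file such as /etc/pam.d/jscheduler. It reports module paths that do not resolve on the host (the condition behind "Module is unknown" above) and flags nullok on pam_unix auth lines, which lets accounts with an empty password authenticate. The function name pam_lint and the MODULE_DIRS search list are assumptions; adjust the directories for your distribution.

```shell
#!/bin/sh
# Added example, not from the thread: lint a PAM service file.
# MISSING = module file not found (libpam then fails with "Module is unknown").
# NULLOK  = pam_unix auth line that accepts accounts with an empty password.
# MODULE_DIRS is an assumed search list; override it to match your distro.
MODULE_DIRS="${MODULE_DIRS:-/lib64/security /usr/lib64/security /lib/security /usr/lib/security}"

pam_lint() {   # usage: pam_lint /etc/pam.d/jscheduler
    awk '
        /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
        $2 == "include" || $2 == "substack" { next }   # these name a file, not a module
        {
            i = 2                                # field holding the control value
            if ($i ~ /^\[/)                      # bracketed control: [success=1 default=ignore]
                while (i < NF && $i !~ /\]$/) i++
            mod = $(i + 1)
            if (mod == "") next                  # e.g. "@include common-auth"
            opts = ""
            for (j = i + 2; j <= NF; j++) opts = opts " " $j
            print NR, $1, mod opts
        }' "$1" |
    while read -r lineno type mod opts; do
        found=no
        case "$mod" in
            /*) if [ -e "$mod" ]; then found=yes; fi ;;      # absolute path
            *)  for d in $MODULE_DIRS; do                    # bare module name
                    if [ -e "$d/$mod" ]; then found=yes; fi
                done ;;
        esac
        if [ "$found" = no ]; then echo "line $lineno: MISSING $mod"; fi
        case "${type#-}:$mod: $opts " in
            auth:*pam_unix.so:*" nullok "*) echo "line $lineno: NULLOK $mod" ;;
        esac
    done
}
```

The function prints nothing when every module resolves and no pam_unix auth line carries nullok.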
|
 |
fkhalid
Joined: 16 Feb 2016 Posts: 16 Country: United States |
|
|
Tue Mar 15, 2016 12:41 pm |
|
 |
|