Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-10871

Add logging capability to pam_user_map.c

Details

    • 10.1.30, 10.1.32

    Description

      The PAM user mapping plugin doesn't currently seem to log any information to /var/log/secure. It would probably be helpful if the plugin had some way to enable verbose logging during testing, so that it would be easier to debug configuration problems.

      I expect the best way to implement this would be to create one or more module arguments for the plugin that controls logging. PAM module arguments are explained here:

      https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Managing_Smart_Cards/PAM_Configuration_Files.html#pam-mod-args

      For example, maybe a configuration like this could enable very verbose debugging logging to /var/log/secure:

      auth required pam_user_map.so debug

      Or if we wanted the ability to specify a specific log, maybe we could do something like this:

      auth required pam_user_map.so debug_log=/tmp/pam_user_map.log

      But these are just suggestions.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. MDEV-30384 Group mapping with pam_user_map does not work for ldap nested groups

          • Major - Major loss of function.
          • Open

          Activity

            People

              holyfoot Alexey Botchkov
              GeoffMontee Geoff Montee (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.