As a way to work around the numerous pam bugs in MariaDB 10.4.6, I tried to copy the pam plugins from MariaDB 10.3.16. This does not work, and it fails instantly without even asking for a password.
For example, copy the plugin from the 10,3 to the 10.4 server:
Then move the existing one on the 10.4 server:
And then install the one from 10.3:
Create a Unix user account and set a password for the user:
Create the PAM service configuration:
Then in MariaDB, install the plugin:
And then create the user account:
And then you need to do the /etc/shadow workaround for pam_unix:
And then restart MariaDB:
And then, try to authenticate as the Unix account (while using the workaround for
MDEV-19880, the syslog doesn't even show a failed password check.