[MDEV-24535] pam v2: Authentication fails randomly - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Critical
Resolution: Incomplete
Affects Version/s: 10.4.17, 10.4.19, 10.5.15
Fix Version/s: N/A
Component/s: Authentication and Privilege System, Plugin - pam
Labels:
None

Description

I'm running several webapps (PHP) on a CentOS 8 webserver. All webapps are reporting randomly that the connection to the database has been denied.

The "authentication chain" looks like this:
webapp => mariadb => pam v2 plugin => sssd => ldap

Switching to the "old" pam v1 plugin fixes this issue.

I'm sorry, I can't provide much information, let me know if you have further ideas where to look at. So far I only noticed the following lines in the sssd_pam.log on affected systems:

(2021-01-06 11:25:01): [pam] [client_send] (0x0010): Failed to send data, aborting client!

(2021-01-06 11:25:01): [pam] [client_send] (0x0010): Failed to send data, aborting client!

(2021-01-06 11:25:12): [pam] [client_send] (0x0010): Failed to send data, aborting client!

(2021-01-06 11:25:12): [pam] [client_send] (0x0010): Failed to send data, aborting client!

(2021-01-06 11:25:16): [pam] [client_send] (0x0010): Failed to send data, aborting client!

(2021-01-06 11:25:40): [pam] [client_send] (0x0010): Failed to send data, aborting client!

Mariadb:

Jan 06 11:25:01 <hostname> mysqld[1389]: 2021-01-06 11:25:01 60141 [Warning] Access denied for user '<username1>'@'localhost' (using password: NO)

Jan 06 11:25:01 <hostname> mysqld[1389]: 2021-01-06 11:25:01 60140 [Warning] Access denied for user '<username1>'@'localhost' (using password: NO)

Jan 06 11:25:12 <hostname> mysqld[1389]: 2021-01-06 11:25:12 60167 [Warning] Access denied for user '<username2>'@'localhost' (using password: NO)

Jan 06 11:25:12 <hostname> mysqld[1389]: 2021-01-06 11:25:12 60168 [Warning] Access denied for user '<username2>'@'localhost' (using password: NO)

Jan 06 11:25:16 <hostname> mysqld[1389]: 2021-01-06 11:25:16 60180 [Warning] Access denied for user '<username3>'@'localhost' (using password: NO)

Jan 06 11:25:40 <hostname> mysqld[1389]: 2021-01-06 11:25:40 60236 [Warning] Access denied for user '<username3>'@'localhost' (using password: NO)

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

0001-MDEV-26212-auth_pam-Replaced-fork-exec-by-posix_spaw.patch
4 kB
2022-01-14 09:19

Activity

People

Assignee:: Alexey Botchkov

Reporter:: Florian Bezdeka

Votes:: 1 Vote for this issue

Watchers:: 9 Start watching this issue

Dates

Created:: 2021-01-06 10:48

Updated:: 2024-07-07 21:44

Resolved:: 2022-06-27 09:08

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.