Details
-
Bug
-
Status: Open (View Workflow)
-
Major
-
Resolution: Unresolved
-
11.8.8, 12.3.2
-
None
Description
Create a user that authenticates via pam:
CREATE USER 'pam_test'@'%' IDENTIFIED VIA pam USING 'my_service';
|
Setup my_service so that the user is valid and can log in. Then, test the user with command line client. It should work as intended. Client first assumes the wrong plugin, server then sends the AuthSwitchRequest.
mariadb -h127.0.0.1 -P23609 -upam_test -ppam_test
|
Welcome to the MariaDB monitor. Commands end with ; or \g.
|
Your MariaDB connection id is 19
|
Try to log in by stating the correct client plugin, and it fails even when credentials are correct.
mariadb -h127.0.0.1 -P23609 -upam_test -ppam_test --default-auth=dialog
|
ERROR 1045 (28000): Access denied for user 'pam_test'@'localhost' (using password: NO)
|
A similar test with a user account that logs in via ed25519 works even with --default-auth:
mariadb -h127.0.0.1 -P4006 -ued_test -ped_test --default-auth=client_ed25519
|
Welcome to the MariaDB monitor. Commands end with ; or \g.
|
Your MariaDB connection id is 3
|
Command-line client version:
mariadb --version
|
mariadb from 12.2.2-MariaDB, client 15.2 for debian-linux-gnu (x86_64) using EditLine wrapper
|