Fedora directory users - May 2008 - console breaks after installing libnss-ldap and libpam-ldap

I have successfully installed Fedora ds 1.0.4 on Ubuntu 8.04. I run into
some issues when configuring Pam and Nss for the samba portion. On my
first test server I was able to complete the setup without an y major
problems. On all subsequent servers. I install FDS and successfully
start the console and add one posix user.

 

I then begin installing Pam and Libnss by using the auth-client-config
to automatically configure the files in /etc/pam.d/ as well as the
nssswith.conf. after I do this, I can no longer log in to the console,
and the error logs get filled with the following error.

 

[Mon May 19 00:43:26 2008] [notice] child pid 10675 exit signal
Segmentation fault (11)

 

Can anyone point me in the right direction?

 

Sanga M. Collins 

Network Engineering

~~~~~~~~~~~~~~~~~~~~~~~

IT Management LLC

6491 Sunset Strip #5, 

Sunrise Fl, 33313

Tel: (954) 572 7411, 

Fax: (435) 578 7411

I have narrowed this problem down to one of the config files in
/etc/pam.d/ can anyone help me resolve this problem or at least point me
in the right direction. I would really like to use FDS to replace all of
our Active directory and novell e-directory domain controllers (we have
about 47 domains) I am trying to make the case for open source directory
management with my employers and the way things are going, they are
considering just forking over the money to M$ and Novell [arrgggghhhh]

 

Any way here are my pam.d configs

 

 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

                                # /etc/pam.d/common-account -
authorization settings common to all services

                                #

                                # This file is included from other
service-specific PAM config files,

                                # and should contain a list of the
authorization modules that define

                                # the central access policy for use on
the system.  The default is to

                                # only deny service to users whose
accounts are expired in /etc/shadow.

                                #

                                # pre_auth-client-config # account
required        pam_unix.so

                                account    sufficient   pam_ldap.so

                                account    required     pam_unix.so

                                #

 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

                                # /etc/pam.d/common-auth -
authentication settings common to all services

                                #

                                # pre_auth-client-config # auth
requisite       pam_unix.so nullok_secure

                                # pre_auth-client-config # auth optional
pam_smbpass.so migrate

                                auth       sufficient   pam_ldap.so

                                auth       required     pam_unix.so
nullok_secure use_first_pass

                                #

 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

                                # /etc/pam.d/common-password -
password-related modules common to all services

                                #

                                # pre_auth-client-config # password
optional   pam_smbpass.so nullok use_authtok use_first_pass

                                password   sufficient   pam_ldap.so

                                password   required     pam_unix.so
nullok obscure min=4 max=8 md5

                                #

 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

                                # /etc/pam.d/common-session -
session-related modules common to all services

                                #

                                # pre_auth-client-config # session
required              pam_unix.so

                                session sufficient      pam_ldap.so

session required        pam_unix.so