-
-
Save trissylegs/e18ba2e03e2728bb68dc8b8f9df902ea to your computer and use it in GitHub Desktop.
Kanidm trouble shooting
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sep 08 17:15:20 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:20Z DEBUG kanidm_unixd] Accepted connection | |
Sep 08 17:15:20 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:20Z DEBUG kanidm_unixd] nssaccountbyname req | |
Sep 08 17:15:20 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:20Z DEBUG kanidm_unix_common::cache] get_usertoken | |
Sep 08 17:15:20 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:20Z DEBUG kanidm_unix_common::cache] online expired, refresh cache | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_client::asynchronous] opid -> "186f9f81-31e4-40d2-ab79-88bd2ee9aaf7" | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unix_common::db] insert -> 1 | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unix_common::db] insert -> 1 | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unix_common::db] delete memberships -> 2 | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unix_common::db] insert membership -> 1 | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unix_common::db] insert membership -> 1 | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unix_common::cache] token -> Some(UnixUserToken { name: "nirya", spn: "nirya@idm.trissyle.gs", displayname: "Triss Healy",> | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unixd] Attempting to send response -> NssAccount(Some(NssUser { name: "nirya", gid: 1001, gecos: "Triss Healy", homedir: "> | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unixd] flushed response! | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unixd] Disconnecting client ... | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unixd] Accepted connection | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unixd] nssaccountbyuid req | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unix_common::cache] get_usertoken | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unix_common::cache] online valid, returning cached item | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unix_common::cache] token -> Some(UnixUserToken { name: "nirya", spn: "nirya@idm.trissyle.gs", displayname: "Triss Healy",> | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unixd] Attempting to send response -> NssAccount(Some(NssUser { name: "nirya", gid: 1001, gecos: "Triss Healy", homedir: "> | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unixd] flushed response! | |
Sep 08 17:15:21 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:21Z DEBUG kanidm_unixd] Disconnecting client ... | |
Sep 08 17:15:24 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:24Z DEBUG kanidm_unixd] Accepted connection | |
Sep 08 17:15:24 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:24Z DEBUG kanidm_unixd] nssaccountbyname req | |
Sep 08 17:15:24 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:24Z DEBUG kanidm_unix_common::cache] get_usertoken | |
Sep 08 17:15:24 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:24Z DEBUG kanidm_unix_common::cache] online valid, returning cached item | |
Sep 08 17:15:24 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:24Z DEBUG kanidm_unix_common::cache] token -> Some(UnixUserToken { name: "nirya", spn: "nirya@idm.trissyle.gs", displayname: "Triss Healy",> | |
Sep 08 17:15:24 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:24Z DEBUG kanidm_unixd] Attempting to send response -> NssAccount(Some(NssUser { name: "nirya", gid: 1001, gecos: "Triss Healy", homedir: "> | |
Sep 08 17:15:24 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:24Z DEBUG kanidm_unixd] flushed response! | |
Sep 08 17:15:24 Asuka kanidm_unixd[5983]: [2021-09-08T07:15:24Z DEBUG kanidm_unixd] Disconnecting client ... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#%PAM-1.0 | |
auth required pam_faillock.so preauth | |
# Optionally use requisite above if you do not want to prompt for the password | |
# on locked accounts. | |
auth [success=2 default=ignore] pam_unix.so try_first_pass nullok | |
auth sufficient pam_kanidm.so debug ignore_unknown_user | |
auth [default=die] pam_faillock.so authfail | |
auth optional pam_permit.so | |
auth required pam_env.so | |
auth required pam_faillock.so authsucc | |
# If you drop the above call to pam_faillock.so the lock will be done also | |
# on non-consecutive authentication failures. | |
account required pam_unix.so | |
account optional pam_permit.so | |
account sufficient pam_kanidm.so debug ignore_unknown_user | |
account required pam_time.so | |
password required pam_unix.so try_first_pass nullok shadow sha512 | |
password sufficient pam_kanidm.so debug | |
password optional pam_permit.so | |
session required pam_limits.so | |
session required pam_unix.so | |
session optional pam_permit.so |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment