Solaris and a minor PAM *problem*

Andrew Morgan morgan at transmeta.com
Tue Aug 1 06:35:39 EST 2000


Lasse Holmqvist wrote:
> Closing connection to n.n.n.n
> Cannot delete credentials: Permission denied
>                            ^^^^^^^^^^^^^^^^^
> Why do I get this *Permission denied* ???
> 
> The error is generated in auth-pam.c:
>    pam_retval = pam_setcred((pam_handle_t *)pamh, PAM_DELETE_CRED);
>         if (pam_retval != PAM_SUCCESS) {
>             log("Cannot delete credentials: %.200s",
>                 PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
>         }
> i.e. the return value from pam_setcred isn't PAM_SUCCESS.

This is likely to be a misfeature of the Solaris implementation of the
pam_unix.so module. I don't believe it is indicative of anything other
than the fact that pam_unix.so does not implement credential deletion.
(In other words, if you don't hear differently from someone at Sun - who
knows for definite what their pam_unix does? - I don't believe you need
to worry about this error.)

Cheers

Andrew





More information about the openssh-unix-dev mailing list