Comment 3 for bug 901242

Hi

When we try to login with a account with auth_pam plugin in.

mysqld: pam_unix(mysqld:auth): conversation failed
mysqld: pam_unix(mysqld:auth): auth could not identify password for [<pamuser>]
mysqld: pam_warn(mysqld:auth): function=[pam_sm_authenticate] service=[mysqld] terminal=[<unknown>] user=[<pamuser>] ruser=[<pamuser>] rhost=[localhost]
mysqld: pam_unix(mysqld:auth): conversation failed
mysqld: pam_unix(mysqld:auth): unable to obtain a password
mysqld: pam_unix(mysqld:auth): auth could not identify password for [<pamuser>]
mysqld: pam_unix(mysqld:auth): conversation failed
mysqld: pam_unix(mysqld:auth): auth could not identify password for [<pamuser>]
mysqld: pam_warn(mysqld:auth): function=[pam_sm_authenticate] service=[mysqld] terminal=[<unknown>] user=[<pamuser>] ruser=[<pamuser>] rhost=[localhost]
mysqld: pam_unix(mysqld:auth): conversation failed
mysqld: pam_unix(mysqld:auth): unable to obtain a password
mysqld: pam_unix(mysqld:auth): auth could not identify password for [<pamuser>]

It can be understandable because we are runing with kerberos login and we don't have any passwords in the shadow file.

I also tryed to get kerberos working but I get this :

authentication fails for 'pamuser' (<email address hidden>): Authentication failure (Cannot read password)

and the pam mysqld conf file is like this:

#%PAM-1.0

auth sufficient /lib/security/$ISA/pam_krb5.so ignore_unknown_upn minimum_uid=5000

account required /lib/security/$ISA/pam_access.so

password required /lib/security/$ISA/pam_cracklib.so dcredit=-2 ucredit=-2 ocredit=-1 lcredit=0 minlen=18
password sufficient /lib/security/$ISA/pam_krb5.so use_authtok

Have we missed something?