SCIENTIFIC-LINUX-USERS Archives

August 2005

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Help: I can't login via the console if the network is down
From:
Bill Feero <[log in to unmask]>
Reply To:
Bill Feero <[log in to unmask]>
Date:
Mon, 29 Aug 2005 14:33:52 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (61 lines) 
I'm using openLDAP on SL 4. I used authconfig to use LDAP, which modified nsswitch.conf and pam.d/system-auth.
I can also login via the local console port.

Everything works if the network is up.

If the network is down (I simulate this by removing the network cable), When I try to login via the console port as a user
defined locally, after 60 seconds I get a 'Login timed out' message.

I tried adding a -t 120 to the mgetty line in /etc/inittab, but I still get a 60 second timeout.

I modified the timeouts in /etc/ldap.conf from 30 to 10 seconds, but no luck.

nsswitch.conf lines that include ldap are all like this: files ldap

I know what is happening - I'm trying to contact the LDAP server, and the network is timing out.

How do I lengthen the login timeout, or get LDAP or the network to timeout within the 60 seconds?


Thanks for any help or ideas.


------------------ snippet ldap.conf
# Search timelimit
#timelimit 30
timelimit 10

# Bind timelimit
#bind_timelimit 30
bind_timelimit 10
------------------------


-------------------- pam.d/system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        sufficient    /lib/security/$ISA/pam_ldap.so use_first_pass
auth        required      /lib/security/$ISA/pam_deny.so

account     required      /lib/security/$ISA/pam_unix.so broken_shadow
account     sufficient    /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account     [default=bad success=ok user_unknown=ignore service_err=ignore system_err=ignore authinfo_unavail=ignore] /lib/security/$ISA/pam_ldap.so
account     required      /lib/security/$ISA/pam_permit.so

password    requisite     /lib/security/$ISA/pam_cracklib.so retry=3
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password    sufficient    /lib/security/$ISA/pam_ldap.so use_authtok
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so
session     optional      /lib/security/$ISA/pam_ldap.so
~

-- 
Bill Feero
Logical Solutions, Inc.

ATOM RSS1 RSS2