# pam problem with ejabberd

## campenbe

I installed ejabberd 2.1.5 and configured it to use pam authentication.

in /etc/jabber/ejabberd.cfg

 *Quote:*   

> 
> 
> {auth_method, pam}.
> 
> {pam_service, "xmpp"}.
> ...

 

the corresponding pam service file is /etc/pam.d/xmpp, which is auto generated and contains:

 *Quote:*   

> 
> 
> auth           include         system-auth
> 
> account        include         system-auth
> ...

 

the included system-auth is 

 *Quote:*   

> 
> 
> auth		required	pam_env.so 
> 
> auth		required	pam_unix.so try_first_pass likeauth nullok 
> ...

 

when I use pidgin to login with a valid user and password, I get the following in syslog:

 *Quote:*   

> 
> 
> Aug 26 22:34:35 sokrates unix_chkpwd[3351]: check pass; user unknown
> 
> Aug 26 22:34:35 sokrates unix_chkpwd[3351]: password check failed for user (whoever)
> ...

 

I know user name and password are correct. Any suggestions, how to troubleshoot that best?

----------

## campenbe

I found it. Either I messed up or there is a bug in gentoo's ebuild. The owner ship on the epam helper process was jabber.root instead of root.jabber. Therefore the suid process was not running as root and didn't have access to /etc/shadow. I corrected it once, but it didn't take, because I didn't realize that it was running as a daemon.

----------

