Problem nach Upgrade 4.2 -> 4.3: PAM authentication failed

Antworten
DK3
Beiträge: 13
Registriert: 07 Feb 2023, 10:36

Re: Problem nach Upgrade 4.2 -> 4.3: PAM authentication failed

Beitrag von DK3 »

Ich habe erstmal ein Backup der VM zurückgespielt und arbeite weiter mit OPSI 4.2.
Ich habe eine weitere Kopie der VM auf einen anderes System kopiert um damit weiter zu Testen.

Ich habe den opsiconfd mal mit Log-Level 7 gestartet.

Wenn ich mich am configed Anmelden will kommt folgender Abschnitt:

Code: Alles auswählen

[6] [2024-01-10 16:14:33.622] [127.0.0.1      ] 127.0.0.1:54352 - "HEAD / HTTP/1.1" 200   (h11_impl.py:478)
[6] [2024-01-10 16:14:33.622] [127.0.0.1      ] Server-Timing HEAD /: session_handling=0.1ms, request_processing=0.0ms, total=0.0ms   (statistics.py:224)
[6] [2024-01-10 16:14:33.633] [               ] Creating new file log '/var/log/opsi/opsiconfd/127.0.0.1.log'   (logging.py:301)
[6] [2024-01-10 16:14:33.646] [127.0.0.1      ] Accepting session lifetime 900 from client   (session.py:494)
[7] [2024-01-10 16:14:33.647] [127.0.0.1      ] Session id missing (127.0.0.1 / opsi config editor 4.2.22.23)   (session.py:727)
[7] [2024-01-10 16:14:33.647] [127.0.0.1      ] Disable max_session_per_ip for address: 127.0.0.1   (session.py:679)
[6] [2024-01-10 16:14:33.649] [127.0.0.1      ] Accepting session lifetime 900 from client   (session.py:494)
[6] [2024-01-10 16:14:33.649] [127.0.0.1      ] Checking if client '127.0.0.1' is blocked   (session.py:1180)
[7] [2024-01-10 16:14:33.649] [127.0.0.1      ] ts.range opsiconfd:stats:client:failed_auth:127.0.0.1 1704899554000 1704899674000 aggregation count 120000   (session.py:1192)
[6] [2024-01-10 16:14:33.649] [127.0.0.1      ] Start authentication of client 127.0.0.1   (session.py:1095)
[7] [2024-01-10 16:14:33.651] [127.0.0.1      ] (MySQLdb.OperationalError) (1227, 'Access denied; you need (at least one of) the SUPER privilege(s) for this operation')
[SQL: SET GLOBAL max_allowed_packet = 256000000]
(Background on this error at: https://sqlalche.me/e/14/e3q8)   (__init__.py:239)
[7] [2024-01-10 16:14:33.652] [127.0.0.1      ] Trying to authenticate by user authentication module <opsiconfd.auth.pam.PAMAuthentication object at 0x7fbe5a371f90>   (session.py:1036)
[7] [2024-01-10 16:14:33.652] [127.0.0.1      ] Attempting PAM authentication as user admin (service=common-auth)...   (pam.py:55)
[7] [2024-01-10 16:14:34.312] [               ] Store session   (session.py:883)
[7] [2024-01-10 16:14:35.758] [127.0.0.1      ] PAM authentication failed: Authentication failure (code 7)   (pam.py:60)
[7] [2024-01-10 16:14:35.964] [127.0.0.1      ] Handle request exception OpsiServiceAuthenticationError: Opsi service authentication error: Authentication failed for user 'admin': Opsi service authentication error: PAM authentication failed for user 'admin': Authentication failure   (session.py:241)
Traceback (most recent call last):
  File "opsiconfd/auth/pam.py", line 61, in authenticate
RuntimeError: Authentication failure

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "opsiconfd/session.py", line 1039, in authenticate_user_auth_module
  File "starlette/concurrency.py", line 41, in run_in_threadpool
  File "anyio/to_thread.py", line 33, in run_sync
  File "anyio/_backends/_asyncio.py", line 877, in run_sync_in_worker_thread
  File "anyio/_backends/_asyncio.py", line 807, in run
  File "opsiconfd/auth/pam.py", line 65, in authenticate
opsicommon.exceptions.OpsiServiceAuthenticationError: Opsi service authentication error: PAM authentication failed for user 'admin': Authentication failure

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "opsiconfd/session.py", line 350, in __call__
  File "opsiconfd/session.py", line 213, in handle_request
  File "opsiconfd/session.py", line 1245, in check_access
  File "opsiconfd/session.py", line 1065, in authenticate
  File "opsiconfd/session.py", line 1140, in _authenticate
  File "opsiconfd/session.py", line 1041, in authenticate_user_auth_module
opsicommon.exceptions.OpsiServiceAuthenticationError: Opsi service authentication error: Authentication failed for user 'admin': Opsi service authentication error: PAM authentication failed for user 'admin': Authentication failure
[4] [2024-01-10 16:14:35.966] [127.0.0.1      ] Opsi service authentication error: Authentication failed for user 'admin': Opsi service authentication error: PAM authentication failed for user 'admin': Authentication failure   (session.py:264)
[7] [2024-01-10 16:14:35.966] [127.0.0.1      ] Returning jsonrpc response because path startswith /rpc   (session.py:321)
[6] [2024-01-10 16:14:35.967] [127.0.0.1      ] 127.0.0.1:54356 - "POST /rpc HTTP/1.1" 401   (h11_impl.py:478)
[6] [2024-01-10 16:14:35.967] [127.0.0.1      ] Server-Timing POST /rpc: request_processing=2320.0ms, total=2320.0ms   (statistics.py:224)
Wenn ich mich im Web Interface Anmelden möchte kommt folgender Abschnitt:

Code: Alles auswählen

[6] [2024-01-10 16:15:12.040] [127.0.0.1      ] Accepting session lifetime 900 from client   (session.py:494)
[7] [2024-01-10 16:15:12.040] [127.0.0.1      ] Load session   (session.py:851)
[7] [2024-01-10 16:15:12.041] [127.0.0.1      ] Reusing session: <OPSISession at 0x7fbe59f19b90 created=1704895083 last_used=1704895536> (127.0.0.1 / Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0)   (session.py:735)
[6] [2024-01-10 16:15:12.041] [127.0.0.1      ] Accepting session lifetime 900 from client   (session.py:494)
[7] [2024-01-10 16:15:12.041] [127.0.0.1      ] rest_api method name: login   (rest.py:238)
[6] [2024-01-10 16:15:12.041] [127.0.0.1      ] Checking if client '127.0.0.1' is blocked   (session.py:1180)
[7] [2024-01-10 16:15:12.042] [127.0.0.1      ] ts.range opsiconfd:stats:client:failed_auth:127.0.0.1 1704899592000 1704899712000 aggregation count 120000   (session.py:1192)
[7] [2024-01-10 16:15:12.042] [127.0.0.1      ] num_failed_auth: 1   (session.py:1196)
[6] [2024-01-10 16:15:12.042] [127.0.0.1      ] Start authentication of client 127.0.0.1   (session.py:1095)
[7] [2024-01-10 16:15:12.043] [127.0.0.1      ] (MySQLdb.OperationalError) (1227, 'Access denied; you need (at least one of) the SUPER privilege(s) for this operation')
[SQL: SET GLOBAL max_allowed_packet = 256000000]
(Background on this error at: https://sqlalche.me/e/14/e3q8)   (__init__.py:239)
[7] [2024-01-10 16:15:12.044] [127.0.0.1      ] Trying to authenticate by user authentication module <opsiconfd.auth.pam.PAMAuthentication object at 0x7fbe5a343c10>   (session.py:1036)
[7] [2024-01-10 16:15:12.044] [127.0.0.1      ] Attempting PAM authentication as user admin (service=common-auth)...   (pam.py:55)
[6] [2024-01-10 16:15:12.086] [               ] Creating new file log '/var/log/opsi/opsiconfd/127.0.0.1.log'   (logging.py:301)
[7] [2024-01-10 16:15:12.393] [               ] Store session   (session.py:883)
[7] [2024-01-10 16:15:13.833] [127.0.0.1      ] PAM authentication failed: Authentication failure (code 7)   (pam.py:60)
[3] [2024-01-10 16:15:14.035] [127.0.0.1      ] Opsi service authentication error: Authentication failed for user 'admin': Opsi service authentication error: PAM authentication failed for user 'admin': Authentication failure   (rest.py:265)
Traceback (most recent call last):
  File "opsiconfd/auth/pam.py", line 61, in authenticate
RuntimeError: Authentication failure

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "opsiconfd/session.py", line 1039, in authenticate_user_auth_module
  File "starlette/concurrency.py", line 41, in run_in_threadpool
  File "anyio/to_thread.py", line 33, in run_sync
  File "anyio/_backends/_asyncio.py", line 877, in run_sync_in_worker_thread
  File "anyio/_backends/_asyncio.py", line 807, in run
  File "opsiconfd/auth/pam.py", line 65, in authenticate
opsicommon.exceptions.OpsiServiceAuthenticationError: Opsi service authentication error: PAM authentication failed for user 'admin': Authentication failure

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "opsiconfd/rest.py", line 242, in create_response
  File "opsiconfd/rest.py", line 231, in exec_func
  File "opsiconfd/application/session.py", line 33, in login
  File "opsiconfd/session.py", line 1065, in authenticate
  File "opsiconfd/session.py", line 1140, in _authenticate
  File "opsiconfd/session.py", line 1041, in authenticate_user_auth_module
opsicommon.exceptions.OpsiServiceAuthenticationError: Opsi service authentication error: Authentication failed for user 'admin': Opsi service authentication error: PAM authentication failed for user 'admin': Authentication failure
[6] [2024-01-10 16:15:14.039] [127.0.0.1      ] 127.0.0.1:48330 - "POST /session/login HTTP/1.1" 401   (h11_impl.py:478)
[6] [2024-01-10 16:15:14.039] [127.0.0.1      ] Server-Timing POST /session/login: session_handling=1.5ms, database=1.1ms, database_result_processing=0.0ms, request_processing=1999.0ms, total=1999.0ms   (statistics.py:224)
Für einen Fernzugriff kann ich Teamviewer und Anydesk anbieten.


DK3
Nach oben
DK3
Beiträge: 13
Registriert: 07 Feb 2023, 10:36

Re: Problem nach Upgrade 4.2 -> 4.3: PAM authentication failed

Beitrag von DK3 »

Es sieht so aus, als wenn die Berechtigungen in der MariaDB oder der Zugriff darauf zerschossen werden.

- Wenn ich bei OPSI 4.2 den Befehl "opsi-setup --configure-mysql" ausführe, läuft alles wunderbar durch.
- Wenn ich bei OPSI 4.3 den Befehl "opsiconfd setup --configure-mysql" ausführe, bekommt er schon beim root-PW ein
"Failed to connect to MySQL database: 1698, "Access denied for user 'root'@'localhost'""
und bricht ab.
Nach oben
Antworten

Zurück zu „Freier Support“