claudyus
commented
9 years ago I just double check the python-pam from debian repo and pip system and I sadly discover that are not related! You need to use the version from pip to work.
Closed kallisti5 closed 9 years ago
claudyus
commented
9 years ago I just double check the python-pam from debian repo and pip system and I sadly discover that are not related! You need to use the version from pip to work.
kallisti5
commented
9 years ago Nope. Same error on pip's pam.
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1836, in __call__
return self.wsgi_app(environ, start_response)
File "/usr/lib/python2.7/site-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1820, in wsgi_app
response = self.make_response(self.handle_exception(e))
File "/usr/lib/python2.7/site-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1403, in handle_exception
reraise(exc_type, exc_value, tb)
File "/usr/lib/python2.7/site-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1817, in wsgi_app
response = self.full_dispatch_request()
File "/usr/lib/python2.7/site-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1477, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/lib/python2.7/site-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1381, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/lib/python2.7/site-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1475, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/lib/python2.7/site-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1461, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/usr/lib/python2.7/site-packages/lwp-git_-py2.7.egg/lwp/views/auth.py", line 88, in login
p = pam.pam()
AttributeError: 'module' object has no attribute 'pam'
alexkn
commented
9 years ago It works with python-pam from ubuntu on my server.
With this change https://github.com/alexkn/LXC-Web-Panel/commit/cda2407dc13cfe094c56c1367eee06f2c99eeb9c it should work on fedora python-pam and with the pip version, but not with python-pam from ubuntu repo.
lukasraska
commented
9 years ago python-pam in Ubuntu is totaly different package and won't work with this API, @alexkn commit fixes this, so only pip version should be used in Ubuntu
claudyus
commented
9 years ago python-pam a library puzzle....
Ok, first of all thanks @DarkKnightCZ for you PR that implement a try/catch method to determinate which library is installed, but something is still unclear to me!
The initial pam_auth is based on this library [1], the version that @alexkn commit in his fork is based, I suppose, on [2] while your PR, @DarkKnightCZ, support the third library [3] and [2] as fallback.
Now I don't like to write code that support up to 3 library just to auth the user...
I believe that fedora and ubuntu are both delivering different version of [3] but in @DarkKnightCZ's PR the pip version is not supported due code based on @alexkn's commit. It is correct? If so I would like to support [1] and [3] and leave behind the support for [2] that is anyway not packaged or provided by any disto. I'm right or I misunderstood something?
lukasraska
commented
9 years ago Great, so there are 3 of them. And it gets more complicated.
Number 1 is only installable via pip. Number 2 is shipped with Fedora (https://apps.fedoraproject.org/packages/python-pam) as well in PyPI. Number 3 is shipped with Debian-based distros (Debian / Ubuntu) as well as in RHEL-based distros (RHEL / CentOS)
My commit adds the possibility to use packages 2 and 3 (so it can be added as dependency in RPM / DEB and also used standalone by installing "pam" via pip). If used libraries were only 1 and 3, it would break the possibility to use PAM on Fedora-based distros, since it provides python-pam as library 2, not 3.
Since number 1 isn't shipped with any OS-based packaging system, I suggest to drop support for it and at least notify users that there are more libraries for this.
I guess this is now final summary of this problem.
claudyus
commented
9 years ago Ok, I agree with your OS-based first policy. Go ahead with your PR!
lukasraska
commented
9 years ago Great, but i would rather combine it with #58 (it's done and I haven't found out any issues yet), which reworks the authentication and provides interface for adding new authentication methods without the need of having one large file
claudyus
commented
9 years ago fixed merging #63
Error seen for PAM auth on Fedora 21 after login.