Introduction to the Kerberos Products and
PAM Kerberos
LoggingThe pamkrbval tool logs all messages to stdout. Following are the log categories provided:
| [LOG] | These messages are logged when the verbose option is |
|
| set. |
| [NOTICE] | These messages are logged to notify the user about the |
|
| erroneous lines in the PAM configuration files or notify |
|
| about the skipping of /etc/pam_user.conf file |
|
| validation. |
| [FAIL] | These messages are logged when validation fails. |
| [WARNING] | These messages are logged to notify the user about a |
|
| potentially erroneous configuration on the system that |
|
| may result in failure. |
| [PASS] | These messages are logged when any validation |
|
| succeeds. |
| [IGNORE] | These messages are logged when validation of the |
|
| /etc/krb5.keytab is ignored. |
| ERROR | These messages are logged to inform the user about the |
|
| exact problem in the PAM configuration files |
| [HELP] | These messages will give some minimal help to the |
|
| user to rectify the problem. |
| If you get any [FAIL] or ERROR messages, you must diagnose the nature | |
| of the problem. See “Troubleshooting Using the pamkrbval Tool” on | |
| page 100 for more information. | |
Options | Use the following command with the options listed below: | |
| /usr/sbin/pamkrbval | |
| verbose output | |
| {pa32 pa64 ia32 ia64} | |
Depending on the architecture on which the validation need to be done this option needs to be set. The flags available are as listed below:
pa32 for PA
50 | Chapter 2 |