2 Replies Latest reply on Mar 2, 2016 1:57 PM by precha

    Unable to authenticate (error code 34) in the web console - McAfee VirusScan Enterprise for Linux 1.7 on Red Hat 5.7

      Environment:

      Red Hat 5.7 2.6.18-274.el5 x86_64

      SELinux enabled and enforced

      McAfeeVSEForLinux-1.7.0-28611

      McAfee Runtime 2.0

      McAfee Agent 4.6.0 Release 1694

       

       

      Troubleshooting:

      Installs of the McAfee products listed above were clean with no issues.

       

      Confirmed with 'passwd nails' that password is set and known.

       

      nails service restarts with no warnings or errors.

       

      /etc/pam.d/nails contents:

      #%PAM-1.0

      auth       include      system-auth

       

      Iptables have entries for 55443 and 65443.

       

      Entries in /var/opt/NAI/LinuxShield/log/apache/error_log:

      .

      .

      [Tue Feb  7 09:35:21 2012] [notice] caught SIGTERM, shutting down

      [Tue Feb  7 09:35:33 2012] [notice] Apache/1.3.42 (Unix) mod_ssl/2.8.31 OpenSSL/0.9.8r configured -- resuming normal operations

      [Tue Feb  7 09:35:33 2012] [notice] Accept mutex: sysvsem (Default: sysvsem)

      [Tue Feb  7 09:35:42 2012] [error] [client x.x.x.x] File does not exist: /opt/NAI/LinuxShield/apache/htdocs/favicon.ico

      [Tue Feb  7 09:35:42 2012] [error] [client x.x.x.x] File does not exist: /opt/NAI/LinuxShield/apache/htdocs/favicon.ico

       

      Using guidance in KB70569:

      /opt/NAI/LinuxShield/libexec/openssl s_client -host 127.0.0.1 -port 65443

      Clean with no warnings or errors until I attempt to authenticate:

      .

      .

      .

      +OK welcome to the NAILS Statistics Service <3253.3252.1328630970.69>

      auth nails ##############

      -ERR authentication failure

       

      Using guidance in KB73087:

      Confirmed libpam was correct in both /var/opt/NAI/LinuxShield/etc/monitor.cfg and nailsd.cfg

       

      I continue to get the 'error code 34' page when attempting to log in.

       

      Thanks in advance for any assistance.

       

      Robert

        • 1. Re: Unable to authenticate (error code 34) in the web console - McAfee VirusScan Enterprise for Linux 1.7 on Red Hat 5.7

          Hi Robert...

           

          I was browsing through the web and found your post. I had a similar issue

           

          My Setup is:

          Novell OES 11 SP1  (X86_64)

          SLES 11 2.6.32.12-0.7-default #1 SMP 2010-05-20 11:14:20 +0200 x86_64 x86_64 x86_64 GNU/Linux

          McAfeeVSEForLinux-1.7.0-28611

          No SELinux.

          User nails and group nails group are LUM enabled (Linux User Management). Which is using eDirectory (Directory Service) users and/or groups  to work on the Unix/Linux machine as if they were local (PAM auth module).

           

          this is  /etc/pam.d/nails

          #%PAM-1.0

          auth    sufficient      pam_nam.so use_first_pass

          auth    include         common-auth

          auth    required        pam_nologin.so

          account sufficient      pam_nam.so

          password required       pam_nam.so

          auth     requisite      pam_nologin.so

          auth     include        common-auth

           

           

          My problem turned out to be load order.

          Inside the /etc/init.d/rcx.d ... the starting script for nails, S10nails was loading before my LUM pam module (S10namcd), following an alphabetical order. Hence the webserver modules could never authenticate the nails user, since the user was not there yet... from there on, I got error 34 on the web console, error 34 on the console command.

           

          Once I changed /etc/init.d/rc2.d/S10nails to S11nails ... and the the others rcx.d ... VirusScan 1.7 started working just fine.

           

          I picked it up during the boot process, I ESCed from the splash screen and just happened to catch the naislwebd giving the bad user name nails and right after the namcd starting up ...

           

          Hope it helps a bit.

           

           

           

           

           

          /opt/NAI/LinuxShield/libexec/openssl s_client -host 127.0.                                            0.1 -port 65443

          CONNECTED(00000003)

          depth=0 /C=IN/ST=Karnataka/L=Bangalore/O=McAfee Inc./OU=LinuxShield/CN=172.24.207.19                                            5/emailAddress=DLNSLProjectTeam@nai.com

          verify error:num=18:self signed certificate

          verify return:1

          depth=0 /C=IN/ST=Karnataka/L=Bangalore/O=McAfee Inc./OU=LinuxShield/CN=172.24.207.19                                            5/emailAddress=DLNSLProjectTeam@nai.com

          verify return:1

          ---

          Certificate chain

          0 s:/C=IN/ST=Karnataka/L=Bangalore/O=McAfee Inc./OU=LinuxShield/CN=172.24.207.195/e                                             mailAddress=DLNSLProjectTeam@nai.com

             i:/C=IN/ST=Karnataka/L=Bangalore/O=McAfee Inc./OU=LinuxShield/CN=172.24.207.195/e                                             mailAddress=DLNSLProjectTeam@nai.com

          ---

          Server certificate

          -----BEGIN CERTIFICATE-----

          MIICvzCCAigCCQCITs43rPea5zANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMC

          SU4xEjAQBgNVBAgTCUthcm5hdGFrYTESMBAGA1UEBxMJQmFuZ2Fsb3JlMRQwEgYD

          VQQKEwtNY0FmZWUgSW5jLjEUMBIGA1UECxMLTGludXhTaGllbGQxFzAVBgNVBAMT

          DjE3Mi4yNC4yMDcuMTk1MScwJQYJKoZIhvcNAQkBFhhETE5TTFByb2plY3RUZWFt

          QG5haS5jb20wHhcNMTIwNTAzMTU0NDIxWhcNMjIwNTAxMTU0NDIxWjCBozELMAkG

          A1UEBhMCSU4xEjAQBgNVBAgTCUthcm5hdGFrYTESMBAGA1UEBxMJQmFuZ2Fsb3Jl

          MRQwEgYDVQQKEwtNY0FmZWUgSW5jLjEUMBIGA1UECxMLTGludXhTaGllbGQxFzAV

          BgNVBAMTDjE3Mi4yNC4yMDcuMTk1MScwJQYJKoZIhvcNAQkBFhhETE5TTFByb2pl

          Y3RUZWFtQG5haS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMXn1AhE

          WOXiZyx34tvxIF8cZhetYnKoG0KHjqLyYITHKZCcVOCf2preMDrRRWh+28fCOS6X

          aUFKacWK1168ud4xp7iDaOyo5UmKwgqjlx0jTA3gtxUEGIDsOhmg44bI+5AdwCIW

          pNpF1m/iUxqJD7ti0YPwLDACwoDi7Y+1QGuNAgMBAAEwDQYJKoZIhvcNAQEFBQAD

          gYEAdtbICkximMfaKzm7UXlDPmpMMm6YSHxjvnW0tjucjQOWUjkApLUiucCmqpU8

          4A6E9VPviOeJrUrgmfDa41axur6X8cwKm0e2W7qEMqbbfa/mwD/WXfap39idurx6

          lLUPcVdcmNSH67knnXs6oGpheIg3svn7Bm+I/cFL4UVQ0oE=

          -----END CERTIFICATE-----

          subject=/C=IN/ST=Karnataka/L=Bangalore/O=McAfee Inc./OU=LinuxShield/CN=172.24.207.19                                            5/emailAddress=DLNSLProjectTeam@nai.com

          issuer=/C=IN/ST=Karnataka/L=Bangalore/O=McAfee Inc./OU=LinuxShield/CN=172.24.207.195                                             /emailAddress=DLNSLProjectTeam@nai.com

          ---

          No client certificate CA names sent

          ---

          SSL handshake has read 876 bytes and written 325 bytes

          ---

          New, TLSv1/SSLv3, Cipher is AES256-SHA

          Server public key is 1024 bit

          Secure Renegotiation IS supported

          Compression: NONE

          Expansion: NONE

          SSL-Session:

              Protocol  : TLSv1

              Cipher    : AES256-SHA

              Session-ID: 0731809F83997509D8F175C42B1CEA6756BAC654F9025CF27E460E9571561F06

              Session-ID-ctx:

              Master-Key: 8A3FE2E14E514F31A64DE21A6DDE85A1BE759C9FF6DD6BFAACE0CAA3EEFD8D787DF2                                             C9716E6ED9C0D0F8C2D8578C33B9

              Key-Arg   : None

              Start Time: 1336166832

              Timeout   : 300 (sec)

              Verify return code: 18 (self signed certificate)

          ---

          +OK welcome to the NAILS Statistics Service <4865.4858.1336166832.47>

          auth nails #########

          +OK successful authentication

          • 2. Re: Unable to authenticate (error code 34) in the web console - McAfee VirusScan Enterprise for Linux 1.7 on Red Hat 5.7
            precha

            Hi Miguel Veliz ,

            Could you please guide me to resolve this same problem.