From 6ad303c39f3d2a8435e72f5c8aa4a6df545a60bc Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Wed, 23 Mar 2022 11:47:59 +0100
Subject: [pam-slx-plug] Add logging to journal

---
 .../modules/pam-slx-plug/data/opt/openslx/pam/auth-source.d/99-slx-ldap | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'core/modules/pam-slx-plug/data/opt/openslx/pam/auth-source.d/99-slx-ldap')

diff --git a/core/modules/pam-slx-plug/data/opt/openslx/pam/auth-source.d/99-slx-ldap b/core/modules/pam-slx-plug/data/opt/openslx/pam/auth-source.d/99-slx-ldap
index b94ec5db..17069bc7 100644
--- a/core/modules/pam-slx-plug/data/opt/openslx/pam/auth-source.d/99-slx-ldap
+++ b/core/modules/pam-slx-plug/data/opt/openslx/pam/auth-source.d/99-slx-ldap
@@ -84,6 +84,7 @@ run_auth() {
 		sleep "$retries" &> /dev/null # lazy END handling
 	done
 	BINDDN=$(extract_field "dn" "$SEARCH_ANON")
+	log "ldap search for $PAM_USER return code $RET, result $BINDDN"
 	[ -z "$BINDDN" ] && BINDDN=$(extract_field "distinguishedName" "$SEARCH_ANON")
 	[ -z "$BINDDN" ] && return 1
 	# User exists
@@ -135,6 +136,7 @@ run_auth() {
 		esac
 		sleep "$retries"
 	done
+	log "LDAP bind for '$BINDDN' as $PAM_USER returned $RET"
 	[ "$RET" = 0 ] || return 1
 	USER_UID=$(extract_field "uidNumber" "$SEARCH_USER" "$SEARCH_ANON")
 	if [ -z "$USER_UID" ]; then
-- 
cgit v1.2.3-55-g7522