The login of my servers is done through ldap. All logins were working fine except the remote login on the vmware-server running on an amd64 server. All remote logins to vmware-server using users defined on ldap were failing. The only ones working were the users defined locally on the server. vmware-server uses 32bit pam modules. I fixed this issue copying the pam_ldap.so module from a 32bit machine to the /lib32/security directory on the amd64 server. I believe there should be a regular source of a 32bit pam_ldap.so module for amd64 machines. I'm not sure if the provider of such a module should be app-emulation/emul-linux-x86-baselibs which seems to provide all other /lib32/security modules or there should be a sys-auth/pam_ldap32bit ebuild. I'm not needing it but for the sake of completeness I think system-auth/nss_ldap should also have a 32bit version for amd64.
Maybe vmware upstream should provide such stuff bundled if it needs it? :P
(In reply to comment #1) > Maybe vmware upstream should provide such stuff bundled if it needs it? :P Yeah, that's a possiblity that didn't occured to me. Nice thought. But in fact I don't think this is the case. If we understand that Gentoo is responsible for providing all the stuff on /lib32/security and so providing several pam facilities for 32 bit applications on an amd64 machine, why only ldap login would be vmware upstream responsability? Besides that, any 32 bit application on an amd64 machine is affected by this issue. It's not a vmware-server specific issue.
This bug really has nothing to do with VMware. The OP is wanting LDAP login capabilities for 32-bit applications on AMD64. It just happens that the only real 32-bit application that we have in common usage that uses authentication such as this is VMware Server. This won't be required for future versions of VMware Server when they switch to true 64-bit binaries for 64-bit machines, but it is needed for now. Even then, it is still usable by other applications. Just because I can't think of one off the top of my head doesn't mean it isn't useful. Of course, we simply wrap this bad boy in the pam and ldap USE flags (pam and ldap for pam_ldap and just ldap for nss_ldap) and we're good to go.
emul-linux-x86-baselibs-20071114 in the tree p.masked. use at your own risk.