-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello.
Our products use CentOS 6.5 and we would like to deploy them with custom
openssh RPMs. I have downloaded the sources from
http://athena.caslab.queensu.ca/pub/OpenBSD/OpenSSH/portable and built
the RPMs, but the PAM configuration file is wrong after installation.
When I install the default openssh-5.3p1 RPMs from the CentOS 6.5
repository, the configuration looks like this:
# cat /etc/pam.d/sshd
#%PAM-1.0
auth required pam_sepermit.so
auth include password-auth
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed
in the
user context
session required pam_selinux.so open env_params
session optional pam_keyinit.so force revoke
session include password-auth
However, when I rebuild this exact RPM from the source and install it, I
get the following:
# cat /etc/pam.d/sshd
#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
I was wondering if there are any build logs that would show how the
openssh RPMs were built from the source for CentOS 6.5. Perhaps there is
some type of configuration I am missing that would ensure that I get the
same PAM configuration.
Thanks!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJU5yqPAAoJEANGWTohTXlwqQAH/33B+TlbbeLaynfOLF6UvMnN
f+m+b/bxkH2u97nj4UNkEegKUwtiCPG0JbJ+bEQ5BDNavYoBeVZ4PFkEoiksM9CY
HVKCx5OVtB2ZKCb4H+QNzSQKTlLLTeJvsD66xeACaZwyu1m4o5YBj8cidEOYAYby
xQaXEVJG+sOy5MhGljqK+hwwrIIF0cbB0w6kBVGVE5lFeG7czmSkXyC9ASidg40Y
SIIEXLEZAX8rAFSoQd7CZpjvwAo+3JJL3h0+wetr7pyuTnbihvaoUmt5ILesNvd3
vbg41wphFbE2UBCFce3fB+0UQvlTtQVFFlOpCW+U5ZvRkn+IRUb5iMBKAQNHKUo=DjNH
-----END PGP SIGNATURE-----