bugzilla-daemon at mindrot.org
2004-Sep-04 04:09 UTC
[Bug 926] pam_session_close called as user or not at all
http://bugzilla.mindrot.org/show_bug.cgi?id=926 Summary: pam_session_close called as user or not at all Product: Portable OpenSSH Version: -current Platform: All URL: http://marc.theaimsgroup.com/?l=openssh-unix- dev&m=106458208520320 OS/Version: All Status: NEW Severity: normal Priority: P2 Component: PAM support AssignedTo: openssh-bugs at mindrot.org ReportedBy: dtucker at zip.com.au Reported by Dr. Carsten Benecke: "I guess that the forked child process that calls the sshpam_cleanup() function is forked before the parent calls do_pam_session() (which sets sshpam_session_open to true)." and Chris Jensen: "But when I exit the session, pam_sm_close_session gets called, but it only runs as the user that was logged in, so it doesn't have permission to unmount the directory." The PAM session modules are called in the forked child but the cleanup should be done as root in the parent. Will attach a patch shortly. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Sep-04 04:11 UTC
[Bug 926] pam_session_close called as user or not at all
http://bugzilla.mindrot.org/show_bug.cgi?id=926 ------- Additional Comments From dtucker at zip.com.au 2004-09-04 14:11 ------- Created an attachment (id=709) --> (http://bugzilla.mindrot.org/attachment.cgi?id=709&action=view) Set session_open flag in parent ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Sep-04 04:24 UTC
[Bug 926] pam_session_close called as user or not at all
http://bugzilla.mindrot.org/show_bug.cgi?id=926 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #709 is|0 |1 obsolete| | ------- Additional Comments From dtucker at zip.com.au 2004-09-04 14:24 ------- (From update of attachment 709) Hmm, that doesn't appear to fix it for the privsep case. The privs are permanantly revoked in the parent too, so the cleanup needs to be in the *monitor*. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Sep-06 02:20 UTC
[Bug 926] pam_session_close called as user or not at all
http://bugzilla.mindrot.org/show_bug.cgi?id=926 cjensen at gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |cjensen at gmail.com ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Apparently Analagous Threads
- openssh-3.7.1p2: no pam_close_session() invocation
- [Bug 926] pam_session_close called as user or not at all
- [Bug 926] pam_session_close called as user or not at all
- [Bug 926] pam_session_close called as user or not at all
- [Bug 926] pam_session_close called as user or not at all