Displaying 20 results from an estimated 30 matches for "pam_session".
2009 Feb 19
2
auth-worker always opens PAM session
...Dovecot open and immediately close PAM session. Some
PAM plugins need this to work, such as pam_mkhomedir.
I checked the source code in passdb-pam.c:
struct pam_passdb_module {
struct passdb_module module;
const char *service_name, *pam_cache_key;
unsigned int pam_setcred:1;
unsigned int pam_session:1;
unsigned int failure_show_msg:1;
};
And this:
/* -session for backwards compatibility */
if (strcmp(t_args[i], "-session") == 0 ||
strcmp(t_args[i], "session=yes") == 0)
module->pam_session = TRUE;
It seams to me that the session is going to be opened anyway...
2002 Oct 16
0
[Bug 83] PAM limits applied incorrectly (pam_session being called as non-root)
...|Added
----------------------------------------------------------------------------
CC| |misiek at pld.org.pl
Summary|PAM limits applied |PAM limits applied
|incorrectly |incorrectly (pam_session
| |being called as non-root)
------- Additional Comments From djm at mindrot.org 2002-10-16 13:09 -------
*** Bug 301 has been marked as a duplicate of this bug. ***
------- You are receiving this mail because: -------
You are the assignee for th...
2008 Apr 11
1
Fileshares failing
...uter account problem, rather
than a user access problem.
What would the next debug steps be?
[2008/04/11 12:15:59, 0] auth/pampass.c:smb_pam_error_handler(73)
smb_pam_error_handler: PAM: session setup failed : System error
[2008/04/11 12:15:59, 1] smbd/session.c:session_claim(143)
pam_session rejected the session for domainname#marsh [smb/25659/101]
[2008/04/11 12:15:59, 1] smbd/password.c:register_vuid(310)
Failed to claim session for vuid=101
[2008/04/11 12:15:59, 0] auth/pampass.c:smb_pam_error_handler(73)
smb_pam_error_handler: PAM: session setup failed : System error
[2008...
2003 Sep 15
0
[Bug 83] PAM limits applied incorrectly (pam_session being called as non-root)
http://bugzilla.mindrot.org/show_bug.cgi?id=83
------- Additional Comments From dtucker at zip.com.au 2003-09-15 12:13 -------
Hey, isn't this fixed in -current? do_pam_session is now called before
permanently_set_uid.
Could you please try a snapshot?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2003 Jan 07
0
[Bug 83] PAM limits applied incorrectly (pam_session being called as non-root)
http://bugzilla.mindrot.org/show_bug.cgi?id=83
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |rudolph at getsystems.com
------- Additional Comments From djm at mindrot.org 2003-01-07 18:31 -------
*** Bug 354 has been marked as a
2003 May 16
0
[Bug 83] PAM limits applied incorrectly (pam_session being called as non-root)
http://bugzilla.mindrot.org/show_bug.cgi?id=83
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|sshd |PAM support
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2002 Jan 31
0
[Bug 83] fork() fails when there are PAM limits set
...gt; would PAM trip up here, and why would the conversation matter? Limits
> such as described would not be managed during pam_authenticate() (when the
> conversation happens). Perhaps I am not familiar enough with nuances
> of debian's PAM implementation.
The problem is that we call pam_session as root, before we fork the child.
Therefore the server picks up the limits, rather than the child.
I recall that we tried moving the pam_session call to the child a while (~18
months) ago to avoid this problem, but other stuff broke much worse. IIRC the
breakage was because we did pam_session st...
2008 Jan 22
0
Debugging samba/winbind SMB share
...1.el4_6.4
samba-swat-3.0.25b-1.el4_6.4
samba-client-3.0.25b-1.el4_6.4
log from /var/log/samba :
[2008/01/22 16:36:18, 0] auth/pampass.c:smb_pam_error_handler(73)
? smb_pam_error_handler: PAM: session setup failed : System error
[2008/01/22 16:36:18, 1] smbd/session.c:session_claim(143)
? pam_session rejected the session for ourdomain#marsh [smb/21026/101]
[2008/01/22 16:36:18, 1] smbd/password.c:register_vuid(310)
? Failed to claim session for vuid=101
[2008/01/22 16:36:18, 0] auth/pampass.c:smb_pam_error_handler(73)
? smb_pam_error_handler: PAM: session setup failed : System error
[2008/...
2003 Mar 10
10
[Bug 83] PAM limits applied incorrectly (pam_session being called as non-root)
http://bugzilla.mindrot.org/show_bug.cgi?id=83
------- Additional Comments From djm at mindrot.org 2003-03-10 15:49 -------
Created an attachment (id=247)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=247&action=view)
Call pam_session after child fork()
Hopefully this patch will allow people to gather the feedback necessary to
close this bug.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2002 Feb 12
1
openssh + pam errors (fwd)
heres a fix for pam support im openssh, inline and attached.. openssh
calls do_pam_session early, before a fork(). it does this on the proc
still running as root, so it checks the users limits, against what root
has running, and depending on limits can fail at the fork() (and almost
always does). this patch moves it past the fork. ive been running it for
a couple of weeks and everythi...
2001 Sep 28
2
2.9.9p2 bug in PAM support
With OpenSSH 2.9.9p2 as the server, I'm not able to do scp or "ssh
machinename command" in general to any of my Suns!
I tracked this down a bit; the problem occurs only when PAM support is
enabled. However, if I remove line 430 of session.c,
"do_pam_session(s->pw->pw_name, NULL);" inside of do_exec_no_pty, the
problem goes away.
It looks like the following entry in the Changelog may be responsible:
20010627
- (djm) Reintroduce pam_session call for non-pty sessions.
Let me know if you need any additional info to track this down.
Thank...
2001 Feb 26
1
2.5.1p1 on Redhat Linux 6.2 using PAM does not log closing of session
Hello all,
On Redhat 6.2, the PAM_unix module logs the session opening, but not
the session closing. This was logged as of 2.3.0p1. Upgrading to
2.5.1p1 makrs the start of the problem.
Thanks in advance,
Victor
--
Victor J. Orlikowski
======================
v.j.orlikowski at gte.net
orlikowski at apache.org
vjo at us.ibm.com
2002 Jun 26
3
pam session as root
...init ? PAM_ESTABLISH_CRED : PAM_REINITIALIZE_CRED);
diff -u -r1.1.1.1 monitor.c
--- monitor.c 24 Jun 2002 23:29:52 -0000 1.1.1.1
+++ monitor.c 25 Jun 2002 20:33:41 -0000
@@ -278,6 +278,8 @@
#ifdef USE_PAM
if (!do_pam_account(authctxt->pw->pw_name,
NULL))
authenticated = 0;
+ do_pam_session(authctxt->pw->pw_name, NULL);
+ do_pam_setcred(1);
#endif
}
2007 Dec 19
0
(no subject)
...atabase
may be corrupt so I replaced it with a backup, but no go. I deleted the
smbpasswd database, readded users, that didn't work either. Checking the
samba logs, I found this series of errors when trying to get to any samba
share:
[2007/12/19 08:28:18, 1] smbd/session.c:session_claim(143)
pam_session rejected the session for tom [smb/19550/113]
[2007/12/19 08:28:18, 1] smbd/password.c:register_vuid(310)
Failed to claim session for vuid=113
[2007/12/19 08:29:08, 0] auth/pampass.c:smb_pam_error_handler(73)
smb_pam_error_handler: PAM: session setup failed : System error
[2007/12/19 08:29:08, 1...
2007 Dec 19
0
Authentication issue?
...ther.
Checking a users samba log, I found this series of errors when trying to
get to any samba share:
[2007/12/19 13:16:15, 0] auth/pampass.c:smb_pam_error_handler(73)
smb_pam_error_handler: PAM: session setup failed : System error
[2007/12/19 13:16:15, 1] smbd/session.c:session_claim(143)
pam_session rejected the session for tom [smb/32352/109]
[2007/12/19 13:16:15, 1] smbd/password.c:register_vuid(310)
Failed to claim session for vuid=109
[2007/12/19 13:16:31, 0] auth/pampass.c:smb_pam_error_handler(73)
smb_pam_error_handler: PAM: session setup failed : System error
[2007/12/19 13:16:31,...
2002 Aug 04
2
PAM session trouble
...m.d/samba, I set
session required pam_smbpass.so
then login fails, and the log says:
[2002/08/04 15:43:26, 0] auth/pampass.c:smb_pam_error_handler(73)
smb_pam_error_handler: PAM: session setup failed : Module is unknown
[2002/08/04 15:43:26, 1] smbd/session.c:session_claim(103)
pam_session rejected the session for ichbin [smb/1]
[2002/08/04 15:43:26, 1] smbd/password.c:register_vuid(285)
Failed to claim session for vuid=101
If I set
session required pam_permit.so
then there is no problem, although auth, account, and password are still
set to use pam_smbpass.so.
Does t...
2001 Sep 06
1
lastlog on Solaris with PAM (patch included)
On Solaris, the pam_unix module includes a pam_session which updates the
lastlog file. Since OpenSSH calls pam_session before reading the lastlog
file, SSH logins to systems with this configuration (as well as similar
ones, I'd imagine) report the last login time and remote host as the values
from the current session.
My solution to this problem...
2007 Sep 27
4
GSSAPI Key Exchange Patch for OpenSSH 4.7p1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I'm pleased to (finally) announce the availability of my GSSAPI Key
Exchange patch for OpenSSH 4.7p1. Whilst OpenSSH contains support for
doing GSSAPI user authentication, this only allows the underlying
security mechanism to authenticate the user to the server, and
continues to use SSH host keys to authenticate the server to the
2003 Apr 30
1
pam + privileges
Hi,
Apologies if my attempts to subscribe bombarded this list with empty emails.
We're running openssh 3.6.1p1 on Linux i386 and need to chroot and modify
people's capabilities (Linux specific) when they log in. To do this we've
compiled openssh with
pam support and then configured pam to chroot people and alter their
capabilities
(such as giving them the privilege to bind to a port
2003 Sep 17
0
gssapi and pam problems with 3.7.1p1
...sapi
patch in conjunction with a pam_module, which executed 'aklog', a
program that converts a kerberos ticket to an AFS token.
This does not work anymore with priv separation enabled. I had a look
at the sources and found out, that the transferred Kerberos
credentials got stored after the pam_session module was executed. I
therefor created the attached small patch, which makes it work for
me. I am sure that it is not an elegant method, but...
If there is a different way to go please let me know.
regards,
Christian Pfaffel
--
Christian Pfaffel <flash at itp.tu-graz.ac.at>
Technische Un...