search for: pam_tty_kludge

Displaying 18 results from an estimated 18 matches for "pam_tty_kludge".

2001 Oct 25
6
Regarding PAM_TTY_KLUDGE and Solaris 8...
>Okay, this appears to be a problem with pam_unix.so - the code in >pam_sm_open_session is written with the assumption that the tty name is of >the form "/dev/" + something else on the end. I'm not sure why the pam_sm_open_session in pam_unix on Solaris now does this: /* report error if ttyn or rhost are not set */ if ((ttyn == NULL) || (rhost == NULL))
2001 Oct 23
8
Another round of testing calls.
Outside the known 'Hang-on-exit' bug and the Solaris 'PAM_TTY_KLUDGE' required. *WHAT* other issues *MUST* be address before 3.0 which is approaching fast? Those running NeXTStep I need conformation that it works under NeXT. My current Slab is packed in a storage unit due to a fire in my apartment complex (happened above me so I'm wrapping up dealing with...
2010 Jul 16
8
[Bug 1799] New: Unable to login through PAM on Solaris 8 x86 due to PAM_TTY
...ened, exiting Connection to 10.100.3.175 closed. $ The error on the server is: debug3: PAM: opening session PAM: pam_open_session(): Can not make/remove entry for session I have determined the problem is that pam_unix.so.1 does not like the value of PAM_TTY. I see this in the source code: #ifdef PAM_TTY_KLUDGE /* * Some silly PAM modules (e.g. pam_time) require a TTY to operate. * sshd doesn't set the tty until too late in the auth process and * may not even set one (for tty-less connections) */ debug("PAM: setting PAM_TTY to \"ssh\""); sshpam_err =...
2016 Aug 01
2
OpenSSH 7.3p1 can't be build on Solaris 10
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 The same result without CFLAGS: configure:17300: checking for mblen configure:17356: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-result -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset -fstack-protector-strong -fPIE
2000 Sep 13
2
auth-pam.c support for pam_chauthtok()
...dle_t**)&pamh); + pam_retval = pam_start(SSHD_PAM_SERVICE, pw->pw_name, &conv, &pamh); if (pam_retval != PAM_SUCCESS) { fatal("PAM initialisation failed: %.200s", - PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); + PAM_STRERROR(pamh, pam_retval)); } #ifdef PAM_TTY_KLUDGE @@ -254,10 +306,10 @@ * not even need one (for tty-less connections) * Kludge: Set a fake PAM_TTY */ - pam_retval = pam_set_item((pam_handle_t *)pamh, PAM_TTY, "ssh"); + pam_retval = pam_set_item(pamh, PAM_TTY, "ssh"); if (pam_retval != PAM_SUCCESS) { fatal("...
2002 Mar 12
2
sys/queue.h
...INE(BROKEN_GETADDRINFO) dnl AIX handles lastlog as part of its login message AC_DEFINE(DISABLE_LASTLOG) - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) ;; *-*-cygwin*) LIBS="$LIBS /usr/lib/textmode.o" @@ -123,7 +122,6 @@ check_for_libcrypt_later=1 AC_DEFINE(DONT_TRY_OTHER_AF) AC_DEFINE(PAM_TTY_KLUDGE) - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) inet6_default_4in6=yes ;; mips-sony-bsd|mips-sony-newsos4) @@ -175,7 +173,6 @@ CPPFLAGS="$CPPFLAGS -DSUNOS4" AC_CHECK_FUNCS(getpwanam) AC_DEFINE(PAM_SUN_CODEBASE) - AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H) conf_utmp_location=/etc/utmp conf_wtmp...
2003 Nov 09
2
[Bug 687] sshd segfaults under Solaris 2.6
http://bugzilla.mindrot.org/show_bug.cgi?id=687 ------- Additional Comments From dtucker at zip.com.au 2003-11-08 21:37 ------- Created an attachment (id=495) --> (http://bugzilla.mindrot.org/attachment.cgi?id=495&action=view) Make PAM_TTY "/dev/ssh" not "ssh" for PAM_TTY_KLUDGE Please try this patch and see if it makes a difference for you. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
2001 Sep 28
2
2.9.9p2 bug in PAM support
With OpenSSH 2.9.9p2 as the server, I'm not able to do scp or "ssh machinename command" in general to any of my Suns! I tracked this down a bit; the problem occurs only when PAM support is enabled. However, if I remove line 430 of session.c, "do_pam_session(s->pw->pw_name, NULL);" inside of do_exec_no_pty, the problem goes away. It looks like the following entry
2004 Apr 02
1
PAM_LDAP fails with 3.7.1p2 when Shadow password installed on HP-UX 11.11
...ng why 3.7.1p2 alone do not work when 3.6, and 3.8 works. Both 3.7 and 3.8 have the following macros in config.h #undef DISABLE_SHADOW #define HAS_SHADOW_EXPIRE 1 #define HAVE_SHADOW_H 1 #define HAVE_SECURITY_PAM_APPL_H 1 #define USE_PAM 1 #define PAM_SUN_CODEBASE 1 #define HAVE_LIBPAM 1 /* #undef PAM_TTY_KLUDGE */ /* #undef HAVE_OLD_PAM */ /* #undef HAVE_PAM_GETENVLIST */ /* #undef HAVE_PAM_PUTENV */ Some more info on the PAM_LDAP library used on the system. When Shadow password bundle is installed on the system, shadow file enable and disable command is installed on "/usr/sbin/pwunconv" and &...
2012 May 09
1
warning from configuring openssh-6.0p1
...define HAVE_SYS_SYSMACROS_H 1 | #define HAVE_SYS_TIME_H 1 | #define HAVE_SYS_UN_H 1 | #define HAVE_TIME_H 1 | #define HAVE_TTYENT_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_UTIME_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_UTMPX_H 1 | #define HAVE_LASTLOG_H 1 | #define HAVE_SYS_MOUNT_H 1 | #define PAM_TTY_KLUDGE 1 | #define LOCKED_PASSWD_PREFIX "!" | #define SPT_TYPE SPT_REUSEARGV | #define LINK_OPNOTSUPP_ERRNO EPERM | #define _PATH_BTMP "/var/log/btmp" | #define USE_BTMP 1 | #define LINUX_OOM_ADJUST 1 | #define HAVE_LINUX_IF_TUN_H 1 | #define SSH_TUN_LINUX 1 | #define SSH_TUN_COMPAT_AF...
2001 Oct 25
3
PAM conversation stuff
Okay, I'm confused again. They way you guys are talking about the conversation routine, it would seem that you think it is a way to fetch something from the user - like a new password. Is this possible? Does calling pam_chauthtok() cause the underlying pam_sm_chauthtok() eventually print something on stdout and read a new password from stdin (the socket to the client) using the conversation
2004 Feb 27
3
Change request For OpenSSH 3.8p1
...ve access to (although that would only matter if the flag was set). diff -r -c old/configure.ac new/configure.ac *** old/configure.ac Mon Feb 23 22:47:04 2004 --- new/configure.ac Thu Feb 26 17:23:55 2004 *************** *** 273,278 **** --- 273,285 ---- AC_DEFINE(LOGIN_NEEDS_TERM) AC_DEFINE(PAM_TTY_KLUDGE) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") + # Check for existence of POSIX threads. + AC_CHECK_HEADER(pthread.h, [ + AC_CHECK_LIB(pthread, pthread_create, [ + CPPFLAGS="$CPPFLAGS -DUSE_POSIX_THREADS" + LIBS="-lpthread $LIBS" + ]) + ]) # Pushing STREA...
2003 Feb 11
1
Problems configuring OpenSSH 3.5p1 on Sol 5.8
..._VERSION "" #define PACKAGE_STRING "" #define PACKAGE_BUGREPORT "" #define WORDS_BIGENDIAN 1 #define _FILE_OFFSET_BITS 64 #define LOGIN_PROGRAM_FALLBACK "/usr/bin/login" #define PAM_SUN_CODEBASE 1 #define LOGIN_NEEDS_UTMPX 1 #define LOGIN_NEEDS_TERM 1 #define PAM_TTY_KLUDGE 1 #define DISABLE_UTMP 1 #define DISABLE_WTMP 1 #define STDC_HEADERS 1 #define HAVE_SYS_TYPES_H 1 #define HAVE_SYS_STAT_H 1 #define HAVE_STDLIB_H 1 #define HAVE_STRING_H 1 #define HAVE_MEMORY_H 1 #define HAVE_STRINGS_H 1 #define HAVE_INTTYPES_H 1 #define HAVE_UNISTD_H 1 #define HAVE_CRYPT_H 1 #defi...
2009 Apr 08
3
libedit not found on SUse 11.1
Included below is a diff between the output from configure on a 64 bit SUse 11.1 (doesn't find libedit) and a 64 bit Suse 10.3 (does find libedit) for otherwise identical setups. 1. How can I get the output set up to look at conftest.c? 2. I added a set -x to configure above LIBEDIT_MSG=no 3. ./configure --with-ldflags="-L/usr/lib64" --with-cflags="-ggdb3
2001 Oct 23
2
PAM problem - sshd segfault on Solaris
I'm using OpenSSH-2.9.9p2 on Solaris 8 sparc64. 2.9p2 worked fine, but 2.9.9p2+ is giving me trouble with one thing - sshd segfaults if I try to connect and execute a command, such as "ssh machine ls". Otherwise it works great. sshd will fork, and the child process segfaults. CVS snapshot does the same thing. I've narrowed this down somewhat. It will only happen if you use
2005 Sep 19
1
ssh hangs or gives Segmentation fault
...PIRE_IN_PASSWD */ /* #undef HAVE_PW_CHANGE_IN_PASSWD */ /* #undef HAVE_ACCRIGHTS_IN_MSGHDR */ #define HAVE_CONTROL_IN_MSGHDR 1 /* #undef BROKEN_INET_NTOA */ #define HAVE_SYS_ERRLIST 1 #define HAVE_SYS_NERR 1 /* #undef IP_TOS_IS_BROKEN */ /* #undef HAVE_GETUSERATTR */ #define HAVE_BASENAME 1 #define PAM_TTY_KLUDGE 1 /* #undef SSHPAM_CHAUTHTOK_NEEDS_RUID */ /* #undef USE_PIPES */ /* #undef BROKEN_SNPRINTF */ /* #undef HAVE_CYGWIN */ /* #undef BROKEN_REALPATH */ /* #undef HAVE_NEXT */ /* #undef USE_PAM */ /* #undef WITH_AIXAUTHENTICATE */ /* #undef AIX_LOGINFAILED_4ARG */ /* #undef SKEYCHALLENGE_4ARG */ /* #un...
2003 Oct 29
4
Fix for USE_POSIX_THREADS in auth-pam.c
...pam_handle, PAM_RHOST, pam_rhost); + sshpam_err = pam_set_item(grab_pamh(0, NULL), PAM_RHOST, pam_rhost); if (sshpam_err != PAM_SUCCESS) { - pam_end(sshpam_handle, sshpam_err); - sshpam_handle = NULL; + pam_end(grab_pamh(0, NULL), sshpam_err); + grab_pamh(1, NULL); return (-1); } #ifdef PAM_TTY_KLUDGE @@ -329,10 +426,10 @@ * may not even set one (for tty-less connections) */ debug("PAM: setting PAM_TTY to \"ssh\""); - sshpam_err = pam_set_item(sshpam_handle, PAM_TTY, "ssh"); + sshpam_err = pam_set_item(grab_pamh(0, NULL), PAM_TTY, "ssh");...
2016 Aug 02
6
OpenSSH 7.3p1 can't be build on Solaris 10
...eck_for_libcrypt_later=1 > check_for_openpty_ctty_bug=1 > + dnl Target SUSv3/POSIX.1-2001 plus BSD specifics. > + dnl _DEFAULT_SOURCE is the new name for _BSD_SOURCE > + CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE" > AC_DEFINE([PAM_TTY_KLUDGE], [1], > [Work around problematic Linux PAM modules handling of PAM_TTY]) > AC_DEFINE([LOCKED_PASSWD_PREFIX], ["!"], > @@ -1789,11 +1792,8 @@ AC_CHECK_FUNCS([ \ > warn \ > ]) > > -dnl Wide character support. Linux man page says it needs _XOPEN_SO...