similar to: Re: Dovecot doesn't call pam_open_session, thus dodging

This is great I've been wanting to get rid of my NFS mounts for some time and have just the user MailDirs be local to the web server. And this will help alot ! -- Chris L. Franklin -- > Message: 1 > Date: Thu, 27 Jan 2005 16:08:28 -0700 > From: Nicolas Lopez <nlopez at espri.arizona.edu> > Subject: [Dovecot] Dovecot doesn't call pam_open_session, thus dodging >

I hit a small snag using Dovecot-imapd smoothly in my environment with maildir and most of my accounts in LDAP. Since the accounts are created through a web interface on another server home directories on the mail server don't get created automatically. There's the handy pam module pam_mkhomedir.so to automagically create home directories, but unfortunatly Dovecot wasn't calling

On Tue, 1 Feb 2005, it was written: > Nicolas Lopez wrote: > > maildir and most of my accounts in LDAP. Since the accounts are created > > through a web interface on another server home directories on the mail > > server don't get created automatically. There's the handy pam module > > pam_mkhomedir.so to automagically create home directories, but >

I just hit the problem too, but in digging into it I found that the post-inst script was running the dh_installinit bit which tries to start the daemon, before the dh_pycentral bit, which makes the python modules available. I manually ran "pycentral pkginstall xen-utils-3.0" then xend would start and the postinst script could finish. - Nick Lopez nlopez@espri.arizona.edu

OK, I think I've hit a misfeature in samba 3.0(release, Debian/sid) when it comes to using both Samba BDCs and domain trusts. It seems that the domain trust password is stored in the secrets.pdb on the server establishing the trust. This, obviously doesn't facilitate BDCs exercising the trust relationship, or being at all accessable from workstations on the other side of the trust. I

https://bugzilla.mindrot.org/show_bug.cgi?id=2399 Bug ID: 2399 Summary: openssh server should fatal out when pam_setcred and pam_open_session fail Product: Portable OpenSSH Version: 6.8p1 Hardware: Sparc OS: Solaris Status: NEW Severity: normal Priority: P5

http://bugzilla.mindrot.org/show_bug.cgi?id=1249 Summary: pam_open_session called with dropped privs Product: Portable OpenSSH Version: 4.4p1 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: dleonard at

On Mon, 22 Nov 1999, Philip Brown wrote: > [ Marc G. Fournier writes ] > > debug("PAM_retval(open_session) about to run"); > > pam_retval = pam_open_session((pam_handle_t *)pamh, 0); > > > > > =========================================== > > > > so, its looking like I'm authenticated properly, but when trying to set up > > the

Anyone out there know more about PAM under Solaris 7/x86 then I do, that can maybe tackle this, and/or suggestion a route to take to fix? After doing some debugging, it looks like the problem is a seg fault at: sshd.c:void pam_cleanup_proc(void *context) =========================================== debug("PAM_retval(open_session) about to run"); pam_retval =

For root sessions pam_open_session is called, but not pam_close_session. sshd behavior is broken for root logins because if pam session is run from the child, close is never called due to exec: on open since use_privsep is not set, parent calls do_exec_pty(), which does not open session. then, it skips calling do_setusercontext(), so it does not open session. child calls

Hello, all- Apparently, under Solaris (I can personally confirm SunOS 5.7 and 5.8), pam_open_session will generate a segfault if PAM_TTY is not set. The obvious symptom of this is that OpenSSH 2.9.9p2 will segfault on any operation that does not request a tty (do_exec_no_pty). Based on a quick google search, this seems to have been encountered by others, though the specific symptoms seem to

https://bugzilla.mindrot.org/show_bug.cgi?id=1249 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dtucker at zip.com.au --- Comment #4 from Darren Tucker <dtucker at zip.com.au> 2008-06-15 05:27:49

On 2001-10-26 at 13:35:50 Nicolas Williams <Nicolas.Williams at ubsw.com> wrote: > On Fri, Oct 26, 2001 at 02:11:13PM +0200, Markus Friedl wrote: > > On Fri, Oct 26, 2001 at 10:14:21AM +1000, Damien Miller wrote: > > > On Thu, 25 Oct 2001, Ed Phillips wrote: > > > > > > > What is the reasoning behind this? Do we want to see a lastlog entry for >

Hi All. Has anyone else tried the current tree on Solaris 8? I installed a recommended patch cluster and now I get PAM errors, but only on a non-interactive (ie no TTY) login. I think this behaviour was introduced with the patch cluster. First thing is that in debug mode, the debug at auth-pam.c:534 derefs tty which is null, and segfaults. This occurs in debug mode only and is easy to fix.

Hi All. Attached is a patch that converts pam_chauthtok_conv into a generic pam_tty_conv, which is used rather than null_conv for do_pam_session. This allows, for example, display of messages from PAM session modules. The accumulation of PAM messages into loginmsg won't help until there is a way to collect loginmsg from the monitor (see, eg, the patches for bug #463). This is because the

A few things to keep in mind: - kbd-int should call pam_authenticate(), acct_mgmt(), chauthtok(), if required, setcred(PAM_ESTABLISH_CRED) and open_session() ALL during kbd-int so that modules in each of those PAM stacks can prompt the user (pam_open_session(), for example, may prompt a user with an informational message akin to the last login message) - all userauth methods should

on hp-ux 11 i see: $ date;ssh jenny Fri Oct 12 14:44:13 PDT 2001 Last successful login for stevesk: Fri Oct 12 10:45:42 PST8PDT 2001 on pts/2 Last unsuccessful login for stevesk: Mon Sep 24 22:55:53 PST8PDT 2001 Last login: Fri Oct 12 10:45:43 2001 from 172.31.1.53 You have mail. so solaris PAM is different. can other solaris+PAM users confirm this? On Fri, 12 Oct 2001, Benn Oshrin wrote:

We recently started upgrading OpenSSH on our Sol8 systems and we've run into a problem were we can run commands on a remote system since we installed 3.7.1p1. The debug output from sshd is attached below. We use PAM in our environment, and have since 2.9.9p2. I think most of the systems were running 3.4p1 prior installing 3.7.1p1 and they were working - the only thing we replaced was

Hi, I'm not subscribed, so keep me in cc. And thanks for having mailing-list open for posting. I had a couple of problems with OpenSSH on Solaris 8/MU3 + recent patches. 1) When I tried to use scp from any other host, sshd on Solaris host crashed with SIGSEGV. Here's the stack trace: core 'core.sshd.7637' of 7637: ./sshd -d -d -d fefb393c strncpy (ffbee074, 5, 7, 0,

On Solaris, the pam_unix module includes a pam_session which updates the lastlog file. Since OpenSSH calls pam_session before reading the lastlog file, SSH logins to systems with this configuration (as well as similar ones, I'd imagine) report the last login time and remote host as the values from the current session. My solution to this problem is to call pam_open_session in the child,