similar to: [Bug 926] pam_session_close called as user or not at all

http://bugzilla.mindrot.org/show_bug.cgi?id=926 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- OtherBugsDependingO|994 | nThis| | ------- Additional Comments From dtucker at zip.com.au 2005-05-22 11:03 -------

http://bugzilla.mindrot.org/show_bug.cgi?id=926 carsten.benecke at rrz.uni-hamburg.de changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |carsten.benecke at rrz.uni- | |hamburg.de ------- Comment #16 from

http://bugzilla.mindrot.org/show_bug.cgi?id=926 ------- Comment #21 from t8m at centrum.cz 2006-08-05 01:18 ------- The patch causes a regression with pam_krb5 module. See https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=201341 As I said above I think that the only correct solution which would solve all cases (privsep yes/no, root/regular user) would be to add another fork before the

https://bugzilla.mindrot.org/show_bug.cgi?id=926 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org --- Comment #36 from Damien Miller <djm at mindrot.org> 2008-06-30 17:39:52 ---

https://bugzilla.mindrot.org/show_bug.cgi?id=926 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1353 --- Comment #27 from Darren Tucker <dtucker at zip.com.au> 2008-01-01 02:05:40 --- Patch #1216

http://bugzilla.mindrot.org/show_bug.cgi?id=926 Summary: pam_session_close called as user or not at all Product: Portable OpenSSH Version: -current Platform: All URL: http://marc.theaimsgroup.com/?l=openssh-unix- dev&m=106458208520320 OS/Version: All Status: NEW Severity: normal

Hello, I would like to point to this problem again as I have not seen a reply to my original posting: http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=106458208520320&w=2 and the problem still exists in version 3.9p1. After closing a ssh-session the pam_close_session() function is not invoked. Enabling PrivilegeSeparation (UsePrivilegeSeparation yes) does not help. Could someone

https://bugzilla.mindrot.org/show_bug.cgi?id=2548 Bug ID: 2548 Summary: Make pam_set_data/pam_get_data work with OpenSSH Product: Portable OpenSSH Version: 7.2p1 Hardware: Sparc OS: Solaris Status: NEW Severity: major Priority: P5 Component: PAM support Assignee:

I hit a small snag using Dovecot-imapd smoothly in my environment with maildir and most of my accounts in LDAP. Since the accounts are created through a web interface on another server home directories on the mail server don't get created automatically. There's the handy pam module pam_mkhomedir.so to automagically create home directories, but unfortunatly Dovecot wasn't calling

https://bugzilla.mindrot.org/show_bug.cgi?id=926 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #1216|0 |1 is obsolete| |

https://bugzilla.mindrot.org/show_bug.cgi?id=926 Jan Engelhardt <jengelh at gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jengelh at gmx.de --- Comment #33 from Jan Engelhardt <jengelh at

http://bugzilla.mindrot.org/show_bug.cgi?id=926 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- OtherBugsDependingO| |914 nThis| | Status|NEW |ASSIGNED ------- You are

Hello, We use USE_POSIX_THREADS in our HP-UX build of OpenSSH. When we connect a non-root user with PAM [pam-kerberos] then I get the following error. debug3: PAM: opening session debug1: PAM: reinitializing credentials PAM: pam_setcred(): Failure setting user credentials This is particularly for non-root users with PrivSep YES. When I connect to a root user with PrivSep YES or to a non-root

On Mon, 22 Nov 1999, Philip Brown wrote: > [ Marc G. Fournier writes ] > > debug("PAM_retval(open_session) about to run"); > > pam_retval = pam_open_session((pam_handle_t *)pamh, 0); > > > > > =========================================== > > > > so, its looking like I'm authenticated properly, but when trying to set up > > the

-----BEGIN PGP SIGNED MESSAGE----- Hi, I''ve got several replies, thank you for them. Let me summarize: o Many people say there is a PAMified version of ssh available at ftp://ftp.replay.com/pub/crypto/redhat/SRPMS (the source) ftp://ftp.replay.com/pub/crypto/redhat/i386 (Intel binaries) (there are analogous paths for the other architectures). The packages are made by Jan

As many of you know, OpenSSH 3.7.X, unlike previous versions, makes PAM authentication take place in a separate process or thread (launched from sshpam_init_ctx() in auth-pam.c). By default (if you don't define USE_POSIX_THREADS) the code "fork"s a separate process. Or if you define USE_POSIX_THREADS it will create a new thread (a second one, in addition to the primary thread). The

http://bugzilla.mindrot.org/show_bug.cgi?id=1308 --- Comment #6 from Tom Cox <tomc at hot.rr.com> 2007-06-24 03:12:38 --- Created an attachment (id=1312) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1312) Change prevents pam_end from being called with current status. File shows problem introduced in session.c, version 1.346. -- Configure bugmail:

http://bugzilla.mindrot.org/show_bug.cgi?id=1308 Summary: pam handling change breaks pam_abl module Product: Portable OpenSSH Version: 4.6p1 Platform: UltraSparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: PAM support AssignedTo: bitbucket at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=1087 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Group|Portable OpenSSH | ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

Dear all, I've been looking into hacking with some PAM modules, and thought I could learn from the OpenSSH source (it's probably the closest thing to a canonical cross-platform consumer of the API). One thing I've noticed I don't understand though is how OpenSSH's invocation of do_pam_session/setcred can work (in main of the process forked in sshd.c). Ignoring privsep for the