similar to: OpenSSH PAM "thread" buglet

SecureComputing's PAM library doesn't pass back the correct context to the pam_conversation function, i.e. it passes back NULL. So this patch works around this fact. likely you'll only want this hack if you expect to use pam_safeword.so in your authentication check, and only if you run sshd in privilege separation (separate process) mode so that the PAM conversation is single

Hi All. Attached is a patch to perform pam_chauthtok via SSH2 keyboard-interactive. It should be simpler, but since Solaris seems to ignore the CHANGE_EXPIRED_AUTHTOK flag, it calls do_pam_account to check if it's expired. To minimise the change in behaviour, it also caches the result so pam_acct_mgmt still only gets called once. This doesn't seem to work on AIX 5.2, I don't know

Hi All. This patch calls pam_chauthtok() to change an expired password via PAM during keyboard-interactive authentication (SSHv2 only). It is tested on Redhat 8 and Solaris 8. In theory, it should have simply been a matter of calling pam_chauthtok with the PAM_CHANGE_EXPIRED_AUTHTOK flag, it'd only change the password is if it's expired, right? From the Solaris pam_chauthtok man page:

Hi. One thing that people seem to want to do with PAM is to deny a login immediately without interacting but return a message to the user. (Some platforms implement, eg, /etc/nologin via PAM this way.) Currently, sshd will just deny the login and the user will not be told why. Attached it a patch that return a keyboard-interactive packet with the message in the "instruction"

The following patch (relative to -current) makes PAM a proper kbd-interactive citizen. There are a few limitations (grep for todo), but the code seems to work OK for protocols 1 & 2 with and without privsep. Please have a play! auth2-pam.c is based on code from FreeBSD. Index: auth2-chall.c =================================================================== RCS file:

Hi. T2000 1.2GHz 8-core, 32GB RAM, S10U3, zil_disable=1. Command ''zpool export f3-2'' is hung for 30 minutes now and still is going. Nothing else is running on the server. I can see one CPU being 100% in SYS like: bash-3.00# mpstat 1 [...] CPU minf mjf xcal intr ithr csw icsw migr smtx srw syscl usr sys wt idl 0 0 0 67 220 110 20 0 0 0 0

Can anyone with Heimdal KrbV verify this? -------------- next part -------------- An embedded message was scrubbed... From: Dag-Erling Smorgrav <des at ofug.org> Subject: Kerberos buglet in OpenSSH-3.3p1 Date: 25 Jun 2002 14:52:10 +0200 Size: 1291 Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020626/347e123e/attachment.mht

resending to the whole mailing list .. ----- Forwarded message from kouril ----- Date: Wed, 26 Jun 2002 11:50:14 +0200 To: Damien Miller <djm at mindrot.org> Subject: Re: [Fwd: Kerberos buglet in OpenSSH-3.3p1] User-Agent: Mutt/1.2.5i In-Reply-To: <1025084114.12959.0.camel at mothra.mindrot.org>; from djm at mindrot.org on Wed, Jun 26, 2002 at 07:35:14PM +1000 On Wed, Jun 26, 2002 at

Conrad, Small buglet with the 0.9.1 liboggz release (go dude!) http://thaumas.net/~giles/xiph/elphel/clips/elphel_00017.ogg causes a float exception in oggzinfo when it tries to calculate the bitrate. It fails to measure the duration and tries to divide by zero. :) There may well be something wrong with the file, although oggz-validate doesn't complain. Also, the configure script

On Sun, Apr 10, 2005 at 01:14:14PM +1000, Conrad Parker wrote: > On Fri, Apr 08, 2005 at 12:45:08PM -0700, Ralph Giles wrote: > > Conrad, > > > > Small buglet with the 0.9.1 liboggz release (go dude!) > > > > http://thaumas.net/~giles/xiph/elphel/clips/elphel_00017.ogg causes a > > float exception in oggzinfo when it tries to calculate the bitrate. It

Looks like there is a buglet in 'installed.packages', around line 17: for (lib in lib.loc) { dest <- file.path(tempdir(), paste("libloc_", URLencode(lib,=20 TRUE), paste(fields, collapse =3D ","), ".rds", sep =3D "")) if (!noCache && file.exists(dest) && file.info(dest)$mtime >=20

Dieter Menne wrote: > Hi, Jim, > > there is a typo at the bottom of plotCI: there is an y.to.in which should be > x.to.in. > > See list for an example. > > http://article.gmane.org/gmane.comp.lang.r.general/147103 > > Should be: > nz <- (abs(ui - pmin(x + gap, ui)) * x.to.in) > 0.001 > > Dieter > > Hi Dieter, Thanks for the fix. I have

FYI This bug will prevent ''shorewall restore'' from working if you have "!<single IP address>" in the ORIGINAL DEST column. -Tom ---------- Forwarded Message ---------- Subject: [PATCH] Another iptables-save buglet Date: Wednesday 14 September 2005 15:09 From: Tom Eastep <teastep@shorewall.net> To: netfilter-devel@lists.netfilter.org The conntrack

Just a quick heads up to warn those of you using my gss-keyex patches that there's a small buglet in them which will affect interoperability. I'm building the hash incorrectly (by including a zero length string where there shouldn't be one). This will mean that when trying to interoperate with other implementations (if there are any :-) you'll get a message about the MIC not

Hello, md5_final() function contains minor buglet, it clears first 4 bytes of md5_context instead of whole structure. Patch attached. Best regards. -- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key: wwwkeys.pgp.net -------------- next part -------------- diff -urpNX /usr/share/dontdiff dovecot-1.0-test28.vanilla/src/lib/md5.c dovecot-1.0-test28/src/lib/md5.c

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symptoms: curve with log x axis gets the wrong x limits (in 2.6.1, I believe introduced in this version). Credit goes to Mike McCoy for detecting the problem. Demonstration: x = 1:5 plot(x,5*exp(-x),xlim=c(0.1,1000),log="x") xvec = 10^seq(-1,3,length=100) lines(xvec,5*exp(-xvec)) curve(5*exp(-x),add=TRUE,col=2,lwd=3) I believe

read.matrix.csr does not close the connection: > library('SparseM') Package SparseM (0.96) loaded. > read.matrix.csr(foo) ... Warning message: closing unused connection 3 (foo) > -- Sam Steingold (http://sds.podval.org/) on Ubuntu 12.04 (precise) X 11.0.11103000 http://www.childpsy.net/ http://truepeace.org http://camera.org http://pmw.org.il http://think-israel.org

I''ve also placed the patch in: http://shorewall.net/pub/shorewall/contrib/ipset/ ftp://shorewall.net/pub/shorewall/contrib/ipset/ -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key

On Solaris 10, dtrace''s cwd yields a full path name: # dtrace -n ''syscall:::entry { printf("%s", cwd); }'' 0 1685 pollsys:entry / 0 1381 write:entry /data/homes/guest/rdm ... On OSX, it yields just a directory name: # dtrace -n ''syscall:::entry { printf("%s", cwd); }'' 0 17596 read:entry rdm

Hi OpenSSH folks, Just a quick note: this is my .bashrc: # Executed by non-login interactive shell # # scp go wild when it see this #echo "<*> Executing ~/.bashrc from '$0'. Command line: '$*'" #ps -H e #echo "<*> Finished ~/.bashrc" Line 3 was added and subsequent lines commented out. Now scp works. Looks like a little scp bug for me. CC me,