current-users: Re: PAM enabled on head

Subject: Re: PAM enabled on head
To: Hauke Fath <hauke@Espresso.Rhein-Neckar.DE>
From: Christos Zoulas <christos@zoulas.com>
List: current-users
Date: 03/12/2005 20:49:36
On Mar 13, 12:43am, hauke@Espresso.Rhein-Neckar.DE (Hauke Fath) wrote:
-- Subject: Re: PAM enabled on head

| At 13:23 Uhr -0500 12.3.2005, Christos Zoulas wrote:
| >| -- how do I make rshd dump core? Or attach a debugger to it?
| >
| >I see what the problem is... CVS update.
| 
| There is one more strange phenomenon here...
| 
| I use rsh to open an xterm that displays on another machine. Now, when I
| issue the rsh command ("/usr/X11R6/bin/xterm -ls -sb  -sl 400 -display
| q650:0.0"), the xterm pops up (timestamp 00:32:57), and the debuglog shows
| the corresponding pam checks. When I exit from this xterm, a new xterm pops
| up (timestamp 00:33:20), and the debuglog shows rshd syslog()ing a
| connection - but without any pam checks.
| 
| Mar 13 00:32:57 mara inetd[3218]: connection from q650.causeuse.org,
| service shell (tcp)
| Mar 13 00:32:57 mara rshd[3218]: in openpam_dispatch(): calling
| pam_sm_authenticate() in pam_rhosts.so
| Mar 13 00:32:57 mara rshd[3218]: in pam_get_user(): entering
| Mar 13 00:32:57 mara rshd[3218]: in pam_get_item(): entering: PAM_USER
| Mar 13 00:32:57 mara rshd[3218]: in pam_get_item(): returning PAM_SUCCESS
| Mar 13 00:32:57 mara rshd[3218]: in pam_get_user(): returning PAM_SUCCESS
| Mar 13 00:32:57 mara rshd[3218]: in pam_get_item(): entering: PAM_RUSER
| Mar 13 00:32:57 mara rshd[3218]: in pam_get_item(): returning PAM_SUCCESS
| Mar 13 00:32:57 mara rshd[3218]: in pam_get_item(): entering: PAM_RHOST
| Mar 13 00:32:57 mara rshd[3218]: in pam_get_item(): returning PAM_SUCCESS
| Mar 13 00:32:58 mara rshd[3218]: in openpam_dispatch(): pam_rhosts.so:
| pam_sm_authenticate(): success
| Mar 13 00:32:58 mara rshd[3218]: in openpam_dispatch(): calling
| pam_sm_setcred() in pam_rhosts.so
| Mar 13 00:32:58 mara rshd[3218]: in openpam_dispatch(): pam_rhosts.so:
| pam_sm_setcred(): success
| Mar 13 00:32:58 mara rshd[3275]: hauke@q650.causeuse.org as hauke:
| cmd='/usr/X11R6/bin/xterm -ls -sb  -sl 400 -display q650:0.0'
| Mar 13 00:33:20 mara rshd[3218]: hauke@q650.causeuse.org as hauke:
| cmd='/usr/X11R6/bin/xterm -ls -sb  -sl 400 -display q650:0.0'
| 
| None of my non-pam machines ever did that. Could it be related to 'su'
| prompting for a password twice on some machines (not happening here,
| though)?

No, just another stupid bug.

christos