Subject: bin/29555: PAM problems - su vs. krb5 (.k5login problems)
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: None <gcw@primenet.com.au>
List: netbsd-bugs
Date: 02/28/2005 06:07:00
>Number: 29555
>Category: bin
>Synopsis: PAM'd su with krb5 misses .k5login and falls back to password
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Feb 28 06:07:00 +0000 2005
>Originator: Geoff C. Wing
>Release: NetBSD 2.99.16 (2005-02-28)
>Organization:
>Environment:
System: NetBSD g.primenet.com.au 2.99.16 NetBSD 2.99.16 (G) #0: Sun Feb 27 14:34:43 EST 2005 gcw@g.primenet.com.au:/usr/netbsd/src/sys/arch/i386/compile/G i386
Architecture: i386
Machine: i386
>Description:
PAM'd su doesn't properly look for $HOME/.k5login when doing krb5
authentication
e.g.
# ls -l $HOME/.k5login
-rw------- 1 root wheel xx Aug 28 2001 /root/.k5login
# cat $HOME/.k5login
me/root@MYREALM
% su
root@MYREALM's Password: <--- password fallback
>How-To-Repeat:
see above
>Fix:
?