lib/38198: Problem with pam_group

To: lib-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: lib/38198: Problem with pam_group
From: sponitka%smail.uni-koeln.de@localhost
Date: Sat, 8 Mar 2008 19:50:00 +0000 (UTC)

>Number:         38198
>Category:       lib
>Synopsis:       Problem with pam_group
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Mar 08 19:50:00 +0000 2008
>Originator:     Sebas
>Release:        4.99.54
>Organization:
>Environment:
NetBSD fry 4.99.54 NetBSD 4.99.54 (fry) #0: Sun Feb 24 22:42:17 CET 2008  
sebas@fry:/u/0/obj/sys/arch/i386/compile/fry i386
>Description:
"The group service module for PAM accepts or rejects users based on their 
membership in a particular file group."

I added the group "foo" (/etc/group):
foo:*:10000:foouser

I modified the sshd to use pam modules and added the line following line to my 
/etc/pam.d/sshd file:
auth            requisite       pam_group.so    group=foo

But the pam subsystem rejects any user. I looked in the pam_group.c file, the 
module checks, whether the target user (PAM_USER) exists in the password 
database. But later the module checks, whether the ruser (PAM_RUSER) exists in 
the password db. The module fails if the PAM_RUSER isn't set. 

There was an similar issue with the freebsd implementation:

http://lists.freebsd.org/pipermail/freebsd-i386/2003-June/000086.html

Removing the PAM_RUSER check resolvs the problem.


>How-To-Repeat:
Try to use the pam_group with sshd
>Fix:
Remove the PAM_RUSER check in pam_group.c (???)

Prev by Date: Re: kern/37622 (COMPAT_ULTRIX doesn't build)
Next by Date: Re: kern/37973 (There's no way to save PaX flags in Linux binaries)
Previous by Thread: Re: kern/37622 (COMPAT_ULTRIX doesn't build)
Next by Thread: Re: kern/37973 (There's no way to save PaX flags in Linux binaries)
Indexes:

Home | Main Index | Thread Index | Old Index