Summary: | PAM sshd pam_nologin and pam_shells never get executed | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | wgja |
Component: | Default Configs | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | michael, pam-bugs+disabled |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://forums.gentoo.org/viewtopic-t-483499.html | ||
Whiteboard: | jaervosz | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 182301, 183886, 183887, 183888, 183890, 183958, 183961 | ||
Bug Blocks: |
Description
wgja
2006-10-13 06:23:01 UTC
the same issue exists in: /etc/pam.d/login /etc/pam.d/xdm Problem would result in the failure of /etc/nologin to function properly, and bypasses the /etc/shells check. pam-bugs please advise. pam-bugs please advise. The include line should probably be at the end instead of at the top. yeah, the include line should be moved down. Accepting bug and awaiting fixed ebuild. security: you'll have to find who the various broken files in /etc/pam.d/ belong to, and get them on here. Duh, too many bugs to handle. Thx for the pointer robbat2:-) Teams please fix your files placed in /etc/pam.d/: /etc/pam.d/sshd /etc/pam.d/login /etc/pam.d/xdm Fixed in xdm-1.1.2-r1, and for anyone who emerges any version after today. *** Bug 160959 has been marked as a duplicate of this bug. *** base-system any word on this? Thanks. base-system does not care about pam ... there's a reason we have a sep "pam-bugs" alias if the pam buys want to fix something, they're free to change whatever pam files they like pam-bugs please advise. pam-bugs please advise. pam-bugs please advise. I thought we were sending this to base-system so that they could fix the shadow and openssh packages? Thx Robin, my memory is limited:) base-system please advise. comment #12 still stands pam-bugs please fix any remaining files under /etc/pam.d/ that belongs to base-system. pam-bugs please fix any remaining files under /etc/pam.d/ that belongs to base-system so we can get this one closed. (In reply to comment #20) > pam-bugs please fix any remaining files under /etc/pam.d/ that belongs to > base-system so we can get this one closed. AFAICT there's nothing left to be fixed here. Thx for the pointer Jakub. I'll close this one now (only mips is left on bug #182301). |